@Override public void setRequest(byte[] message) { actual.setRequest(message); }
@Override public void actionPerformed(ActionEvent e) { IHttpRequestResponse req = myburp.context.getSelectedMessages()[0]; byte[] request = req.getRequest(); int[] selectedIndex = myburp.context.getSelectionBounds(); String action = e.getActionCommand(); byte[] newRequest = GetNewRequest(request, selectedIndex, action); req.setRequest(newRequest); }
@Override public void actionPerformed(ActionEvent e) { int[] selectedIndex = myburp.context.getSelectionBounds(); IHttpRequestResponse req = myburp.context.getSelectedMessages()[0]; byte[] request = req.getRequest(); String action = e.getActionCommand(); byte[] newRequest = GetNewRequest(request, selectedIndex, action); req.setRequest(newRequest); }
@Override public void actionPerformed(ActionEvent e) { IHttpRequestResponse req = myburp.context.getSelectedMessages()[0]; byte[] request = req.getRequest(); int[] selectedIndex = myburp.context.getSelectionBounds(); String action = e.getActionCommand(); byte[] newRequest = GetNewRequest(request, selectedIndex, action); req.setRequest(newRequest); }
@Override public void actionPerformed(ActionEvent e) { IHttpRequestResponse req = myburp.context.getSelectedMessages()[0]; byte[] request = req.getRequest(); int[] selectedIndex = myburp.context.getSelectionBounds(); String action = e.getActionCommand(); byte[] newRequest = GetNewRequest(request, selectedIndex, action); req.setRequest(newRequest); }
@Override public void actionPerformed(ActionEvent e) { IHttpRequestResponse req = myburp.context.getSelectedMessages()[0]; byte[] request = req.getRequest(); int[] selectedIndex = myburp.context.getSelectionBounds(); String action = e.getActionCommand(); byte[] newRequest = GetNewRequest(request, selectedIndex, action); req.setRequest(newRequest); }
@Override public void actionPerformed(ActionEvent e) { IHttpRequestResponse req = myburp.context.getSelectedMessages()[0]; byte[] request = req.getRequest(); int[] selectedIndex = myburp.context.getSelectionBounds(); String action = e.getActionCommand(); byte[] newRequest = GetNewRequest(request, selectedIndex, action); req.setRequest(newRequest); }
@Override public void actionPerformed(ActionEvent e) { IHttpRequestResponse req = myburp.context.getSelectedMessages()[0]; byte[] request = req.getRequest(); int[] selectedIndex = myburp.context.getSelectionBounds(); String action = e.getActionCommand(); byte[] newRequest = GetNewRequest(request, selectedIndex, action); req.setRequest(newRequest); }
@Override public void actionPerformed(ActionEvent e) { IHttpRequestResponse req = myburp.context.getSelectedMessages()[0]; byte[] request = req.getRequest(); int[] selectedIndex = myburp.context.getSelectionBounds(); String action = e.getActionCommand(); byte[] newRequest = GetNewRequest(request, selectedIndex, action); req.setRequest(newRequest); }
@Override public void actionPerformed(ActionEvent e) { IHttpRequestResponse req = myburp.context.getSelectedMessages()[0]; byte[] request = req.getRequest(); int[] selectedIndex = myburp.context.getSelectionBounds(); String action = e.getActionCommand(); byte[] newRequest = GetNewRequest(request, selectedIndex, action); req.setRequest(newRequest); }
@Override public void actionPerformed(ActionEvent e) { IHttpRequestResponse req = myburp.context.getSelectedMessages()[0]; byte[] request = req.getRequest(); int[] selectedIndex = myburp.context.getSelectionBounds(); String action = e.getActionCommand(); byte[] newRequest = GetNewRequest(request, selectedIndex, action); req.setRequest(newRequest); }
@Override public void actionPerformed(ActionEvent e) { IHttpRequestResponse req = myburp.context.getSelectedMessages()[0]; byte[] request = req.getRequest(); int[] selectedIndex = myburp.context.getSelectionBounds(); String action = e.getActionCommand(); byte[] newRequest = GetNewRequest(request, selectedIndex, action); req.setRequest(newRequest); }
@Override public void processHttpMessage(int toolFlag, boolean messageIsRequest, IHttpRequestResponse messageInfo) throws Exception { if (Menu.getEnabledProfile() > 0) { IRequestInfo request = helpers.analyzeRequest(messageInfo.getRequest()); java.util.List<String> headers = request.getHeaders(); if (headers.stream().anyMatch((str -> str.trim().toLowerCase().contains("x-amz-date")))){ String[] profile = this.profiles.get(Menu.getEnabledProfile()); pw.println("Signing with profile " + Menu.getEnabledProfile() + " with key: " + profile[ACCESS_KEY]); byte[] signedRequest = Utility.signRequest(messageInfo, helpers, profile[SERVICE], profile[REGION], profile[ACCESS_KEY], profile[SECRET_KEY]); messageInfo.setRequest(signedRequest); } } } }
selectedItems[0].setRequest(newRequestBytes);
selectedItems[0].setRequest(newRequestBytes);
public boolean doAuth(IHttpRequestResponse messageInfo) { if (messageInfo == null) return true; IRequestInfo requestInfo = helpers.analyzeRequest(messageInfo.getRequest()); List<String> reqHeaders = requestInfo.getHeaders(); List<String> newHeaders = new ArrayList<String>(); for (String h : reqHeaders) { if (!h.toUpperCase().startsWith("AUTHORIZATION:")) newHeaders.add(h); } newHeaders.add("Authorization: " + authConfig.getAuthPassword()); byte[] body; byte[] modifiedReq; if (helpers.bytesToString(messageInfo.getRequest()).length() > requestInfo.getBodyOffset()) { body = helpers.stringToBytes(helpers.bytesToString(messageInfo.getRequest()).substring(requestInfo.getBodyOffset())); modifiedReq = helpers.buildHttpMessage(newHeaders, body); } else { modifiedReq = helpers.buildHttpMessage(newHeaders, "".getBytes()); } messageInfo.setRequest(modifiedReq); return true; }
@Override public void processHttpMessage(int toolFlag, boolean messageIsRequest, IHttpRequestResponse messageInfo) { if (!messageIsRequest) { return; } if (extConfig.getUserAgent() == null) { return; } IRequestInfo requestInfo = helpers.analyzeRequest(messageInfo.getRequest()); List<String> reqHeaders = requestInfo.getHeaders(); List<String> newHeaders = new ArrayList<String>(); for (String h : reqHeaders) { if (!h.toUpperCase().startsWith("USER-AGENT:")) newHeaders.add(h); } newHeaders.add("User-Agent: " + extConfig.getUserAgent()); byte[] body; byte[] modifiedReq; if (helpers.bytesToString(messageInfo.getRequest()).length() > requestInfo.getBodyOffset()) { body = helpers.stringToBytes(helpers.bytesToString(messageInfo.getRequest()).substring(requestInfo.getBodyOffset())); modifiedReq = helpers.buildHttpMessage(newHeaders, body); } else { modifiedReq = helpers.buildHttpMessage(newHeaders, "".getBytes()); } messageInfo.setRequest(modifiedReq); } }
private void addCacheBusters(IHttpRequestResponse messageInfo) { byte[] placeHolder = Utilities.helpers.stringToBytes("$randomplz"); if (Utilities.countMatches(messageInfo.getRequest(), placeHolder) > 0) { messageInfo.setRequest( Utilities.fixContentLength(Utilities.replace(messageInfo.getRequest(), placeHolder, Utilities.helpers.stringToBytes(Utilities.generateCanary()))) ); } String cacheBusterName = null; if (Utilities.globalSettings.getBoolean("Add dynamic cachebuster")) { cacheBusterName = Utilities.generateCanary(); } else if (Utilities.globalSettings.getBoolean("Add 'fcbz' cachebuster")) { cacheBusterName = "fcbz"; } if (cacheBusterName != null) { IParameter cacheBuster = burp.Utilities.helpers.buildParameter(cacheBusterName, "1", IParameter.PARAM_URL); messageInfo.setRequest(Utilities.helpers.addParameter(messageInfo.getRequest(), cacheBuster)); } }
@Override public void processHttpMessage(int toolFlag, boolean messageIsRequest, IHttpRequestResponse messageInfo) { if(messageIsRequest) { byte[] req = messageInfo.getRequest(); if (callbacks.isInScope(helpers.analyzeRequest(messageInfo).getUrl())) { if("".equals(hunterConfig.getDomain())) { callbacks.printOutput("XSS Hunter needs a valid domain and access key set on configuration tab"); } else { probes = hunterConfig.getProbeTable(); try { hunterReq = new HunterRequest(hunterConfig.getDomain(), hunterConfig.getKey()); req = hunterReq.createReq(req, probes, helpers, callbacks, true); } catch (IOException ex) { callbacks.printError("Failed to send XSS Hunter probe:\n"+ex.toString()); } } } messageInfo.setRequest(req); } } }
@Override public void processProxyMessage(boolean messageIsRequest, IInterceptedProxyMessage proxyMessage) { if (!messageIsRequest) { if (BurpExtender.SAVE_RESPONSES) { collab.updateResponse(proxyMessage.getMessageReference(), proxyMessage.getMessageInfo()); } return; } IHttpRequestResponse messageInfo = proxyMessage.getMessageInfo(); // only tamper with requests that are in scope IRequestInfo reqinfo = Utilities.helpers.analyzeRequest(messageInfo.getHttpService(), messageInfo.getRequest()); if (!Utilities.callbacks.isInScope(reqinfo.getUrl())) { return; } // don't tamper with requests already heading to the collaborator if (messageInfo.getHttpService().getHost().endsWith(collab.getLocation())) { return; } MetaRequest req = new MetaRequest(proxyMessage); Integer requestCode = collab.addRequest(req); messageInfo.setRequest(injectPayloads(messageInfo.getRequest(), requestCode)); }