class BurpExtender(IBurpExtender, IHttpListener): # implement IBurpExtender # set everything up def registerExtenderCallbacks(self, callbacks): # obtain an extension helpers object # self.helpers = callbacks.getHelpers() self.utils = BurpUtils(callbacks) # support for burp-exceptions try: sys.stdout = callbacks.getStdout() except: pass # set our extension name callbacks.setExtensionName("Test Helpers") # register an HTTP listener callbacks.registerHttpListener(self) # # implement IHttpListener # def processHttpMessage(self, toolFlag, messageIsRequest, messageInfo): # do nothing for requests because we will not see the changes in history if messageIsRequest: return print "*****" print "type(messageInfo)", type(messageInfo) # get response info responseInfo = self.utils.getInfo(messageIsRequest, messageInfo) # get headers using utils utilHeaders = self.utils.getHeaders(responseInfo) # overwrite `Content-Type` with our own value utilHeaders.overwrite("Content-Type", "Custom content type") # put everything back together bodyBytes = self.utils.getBody(messageIsRequest, messageInfo) # build message modifiedmsg = self.utils.helpers.buildHttpMessage( utilHeaders.exportRaw(), bodyBytes) # set modified message response modifiedmsg = self.utils.setRequestResponse(messageIsRequest, modifiedmsg, messageInfo) print "type(HttpMessage)", type(modifiedmsg) # this should be reflected in response tab # done print "*****" return
def registerExtenderCallbacks(self, callbacks): # obtain an extension helpers object self.utils = BurpUtils(callbacks.getHelpers()) # support for burp-exceptions try: sys.stdout = callbacks.getStdout() except: pass # set our extension name callbacks.setExtensionName("Filter OPTIONS") # register an HTTP listener callbacks.registerHttpListener(self)
def registerExtenderCallbacks(self, callbacks): # obtain an extension helpers object # self.helpers = callbacks.getHelpers() self.utils = BurpUtils(callbacks) # support for burp-exceptions try: sys.stdout = callbacks.getStdout() except: pass # set our extension name callbacks.setExtensionName("Request Highlighter Example") # register an HTTP listener callbacks.registerHttpListener(self)
class BurpExtender(IBurpExtender, IHttpListener): # implement IBurpExtender # set everything up def registerExtenderCallbacks(self, callbacks): # obtain an extension helpers object # self.helpers = callbacks.getHelpers() self.utils = BurpUtils(callbacks) # support for burp-exceptions try: sys.stdout = callbacks.getStdout() except: pass # set our extension name callbacks.setExtensionName("Test Helpers") # register an HTTP listener callbacks.registerHttpListener(self) # # implement IHttpListener # def processHttpMessage(self, toolFlag, messageIsRequest, messageInfo): # do nothing for requests because we will not see the changes in history if messageIsRequest: return # if we got here, we have a response print "Got response" # get response info responseInfo = self.utils.getInfo(messageIsRequest, messageInfo) # get headers responseHeaders = responseInfo.getHeaders() print "Response headers before modification" print responseHeaders # get headers using utils utilHeaders = self.utils.getHeaders(responseInfo) # print util headers to see if it works correctly # order will be off but it does not matter print "response headers recreated" respHeaderFromUtils = utilHeaders.exportRaw() print respHeaderFromUtils # add a header multiple times utilHeaders.add("customheader", "customvalue1") utilHeaders.add("customheader", "customvalue2") utilHeaders.add("customheader", "customvalue3") # remove `Vary: Accept-Encoding` utilHeaders.remove("Vary") # overwrite `Content-Type` with our own value utilHeaders.overwrite("Content-Type", "Custom content type") # print modified headers print "response headers recreated after modification" respHeaderFromUtils = utilHeaders.exportRaw() print respHeaderFromUtils # put everything back together bodyBytes = self.utils.getBody(messageIsRequest, messageInfo) # build message modifiedmsg = self.utils.helpers.buildHttpMessage( respHeaderFromUtils, bodyBytes) # set modified message response modifiedmsg = self.utils.setRequestResponse(messageIsRequest, modifiedmsg, messageInfo) # this should be reflected in response tab # done print "--------" return
class BurpExtender(IBurpExtender, IHttpListener): # implement IBurpExtender # set everything up def registerExtenderCallbacks(self, callbacks): # obtain an extension helpers object self.utils = BurpUtils(callbacks.getHelpers()) # support for burp-exceptions try: sys.stdout = callbacks.getStdout() except: pass # set our extension name callbacks.setExtensionName("Filter OPTIONS") # register an HTTP listener callbacks.registerHttpListener(self) # # implement IHttpListener # def processHttpMessage(self, toolFlag, messageIsRequest, messageInfo): # only process responses if messageIsRequest: return # now we only have responses # get the request associated with the response requestInfo = self.utils.getInfo(True, messageInfo) # return if the request method was not OPTIONS if requestInfo.getMethod() != "OPTIONS": return # get response info responseInfo = self.utils.getInfo(False, messageInfo) # get headers using utils headers = self.utils.getHeaders(responseInfo) # overwrite the Content-Type header. Overwrite adds the header if it # does not exist. headers.overwrite("Content-Type", "text/css; charset=UTF-8") # put everything back together bodyBytes = self.utils.getBody(messageIsRequest, messageInfo) # Debug # rawHeaders = headers.exportRaw() # build message modifiedmsg = self.utils.burpHelper.buildHttpMessage( headers.exportRaw(), bodyBytes) # set modified message response self.utils.setRequestResponse(messageIsRequest, modifiedmsg, messageInfo) # this should be reflected in response tab # done print "--------" return
class BurpExtender(IBurpExtender, IHttpListener): # implement IBurpExtender # set everything up def registerExtenderCallbacks(self, callbacks): # obtain an extension helpers object # self.helpers = callbacks.getHelpers() self.utils = BurpUtils(callbacks) # support for burp-exceptions try: sys.stdout = callbacks.getStdout() except: pass # set our extension name callbacks.setExtensionName("Request Highlighter Example") # register an HTTP listener callbacks.registerHttpListener(self) # # implement IHttpListener # def processHttpMessage(self, toolFlag, messageIsRequest, messageInfo): # do nothing for requests because we will not see the changes in history if messageIsRequest: return # get response info responseInfo = self.utils.getInfo(messageIsRequest, messageInfo) # get headers using utils utilHeaders = self.utils.getHeaders(responseInfo) # overwrite `Content-Type` with our own value utilHeaders.add("color", random_color()) # put everything back together bodyBytes = self.utils.getBody(messageIsRequest, messageInfo) # build message modifiedmsg = self.utils.helpers.buildHttpMessage( utilHeaders.exportRaw(), bodyBytes) # set modified message response modifiedmsg = self.utils.setRequestResponse(messageIsRequest, modifiedmsg, messageInfo) # now we can highlight based on color # read the value of "color" header if any. respInfo = self.utils.getInfo(messageIsRequest, messageInfo) hdrs = self.utils.getHeaders(respInfo) # headers.get returns a list, we want the first item. header_color = hdrs.get("color") if header_color is not None: header_color = header_color[0] # debugging # print "***** header_color", header_color, "type: ", type(header_color) messageInfo = messageInfo.setHighlight(header_color) return