Created
January 1, 2020 21:04
-
-
Save nickpopovich/d3229ce3129b60c49fa3de24ff56c844 to your computer and use it in GitHub Desktop.
Script that goes with Python Scripter Burp Extension - every request passed through burp has a random User-Agent. Inspired by Marcin Wielgoszewski (@marcin) https://portswigger.net/bappstore/eb563ada801346e6bdb7a7d7c5c52583. Also inspired by Tim Tomes' (@lanmaster53) example scripts for Python Scripter https://gist.github.com/lanmaster53/3d86836…
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import random | |
header_names = ['User-Agent'] | |
ua = ['Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.62 Safari/537.36', 'Mozilla/5.0 (Linux; Android 6.0; CAM-L21 Build/HUAWEICAM-L21; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/62.0.3202.84 Mobile Safari/537.36', 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36'] | |
if (messageIsRequest): | |
request = helpers.analyzeRequest(messageInfo) | |
headers = request.getHeaders() | |
for header_name in header_names: | |
for header in headers: | |
if header.startswith(header_name): | |
headers.set(headers.index(header), 'User-Agent: ' + random.choice(ua)) | |
break | |
body = messageInfo.getRequest()[request.getBodyOffset():] | |
new_request = helpers.buildHttpMessage(headers, body) | |
messageInfo.setRequest(new_request) | |
#print(helpers.bytesToString(new_request)) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
the list above has just a few UA's for POC, but paste in your own python list formatted UA's for more randomness