Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Script that goes with Python Scripter Burp Extension - every request passed through burp has a random User-Agent. Inspired by Marcin Wielgoszewski (@marcin) https://portswigger.net/bappstore/eb563ada801346e6bdb7a7d7c5c52583. Also inspired by Tim Tomes' (@lanmaster53) example scripts for Python Scripter https://gist.github.com/lanmaster53/3d86836…
import random
header_names = ['User-Agent']
ua = ['Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.62 Safari/537.36', 'Mozilla/5.0 (Linux; Android 6.0; CAM-L21 Build/HUAWEICAM-L21; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/62.0.3202.84 Mobile Safari/537.36', 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36']
if (messageIsRequest):
request = helpers.analyzeRequest(messageInfo)
headers = request.getHeaders()
for header_name in header_names:
for header in headers:
if header.startswith(header_name):
headers.set(headers.index(header), 'User-Agent: ' + random.choice(ua))
break
body = messageInfo.getRequest()[request.getBodyOffset():]
new_request = helpers.buildHttpMessage(headers, body)
messageInfo.setRequest(new_request)
#print(helpers.bytesToString(new_request))
@nickpopovich

This comment has been minimized.

Copy link
Owner Author

nickpopovich commented Jan 1, 2020

the list above has just a few UA's for POC, but paste in your own python list formatted UA's for more randomness

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.