BasicAuthInsertionPoint.py

from burp import IBurpExtender, IScannerInsertionPoint, IScannerInsertionPointProvider
import base64, jarray, re


class BurpExtender(IBurpExtender):
    def registerExtenderCallbacks(self, callbacks):
        callbacks.registerScannerInsertionPointProvider(BasicAuthInsertionPointProvider(callbacks))


class BasicAuthInsertionPointProvider(IScannerInsertionPointProvider):
    def __init__(self, callbacks):
        self.callbacks = callbacks

    def getInsertionPoints(self, baseRequestResponse):
        request = baseRequestResponse.getRequest()
        requestInfo = self.callbacks.getHelpers().analyzeRequest(request)
        for header in requestInfo.getHeaders():
            if header.startswith("Authorization: Basic "):
                return [BasicAuthInsertionPoint(request, 0), BasicAuthInsertionPoint(request, 1)]


class BasicAuthInsertionPoint(IScannerInsertionPoint):
    def __init__(self, baseRequest, position):
        self.baseRequest = ''.join(map(chr, baseRequest))
        self.position = position
        match = re.search("^Authorization: Basic (.*)$", self.baseRequest, re.MULTILINE)
        self.baseBlob = match.group(1)
        self.baseValues = base64.b64decode(self.baseBlob).split(':')
        self.baseOffset = self.baseRequest.index(self.baseBlob)

    def getInsertionPointName(self):
        return "BasicAuth" + ("UserName" if self.position == 0 else "Password")

    def getBaseValue(self):
        return self.baseValues[self.position]

    def makeBlob(self, payload):
        values = list(self.baseValues)
        values[self.position] = ''.join(map(chr, payload))
        return base64.b64encode(':'.join(values))

    def buildRequest(self, payload):
        return self.baseRequest.replace(self.baseBlob, self.makeBlob(payload))

    def getPayloadOffsets(self, payload):
        return jarray.array([self.baseOffset, self.baseOffset + len(self.makeBlob(payload))], 'i')

    def getInsertionPointType(self):
        return IScannerInsertionPoint.INS_EXTENSION_PROVIDED