-
-
Save ziot/3d5002bcb239591290f22003c6c029de to your computer and use it in GitHub Desktop.
Burp Suite Request Signer
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
from burp import IBurpExtender | |
from burp import IHttpListener | |
import json | |
import urllib | |
class BurpExtender(IBurpExtender, IHttpListener): | |
def registerExtenderCallbacks(self, callbacks): | |
self._callbacks = callbacks | |
self._helpers = callbacks.getHelpers() | |
callbacks.setExtensionName("Redacted Plugin") | |
callbacks.registerHttpListener(self) | |
print('loaded') | |
def find_between(self, s, first, last): | |
try: | |
start = s.index( first ) + len( first ) | |
end = s.index( last, start ) | |
return s[start:end] | |
except ValueError: | |
return "" | |
def processHttpMessage(self, toolFlag, messageIsRequest, currentRequest): | |
if messageIsRequest: | |
request_info = self._helpers.analyzeRequest(currentRequest) | |
url = request_info.getUrl().toString() | |
if "[Redacted]:443/api2/" in url: | |
print("hit: {0}".format(url)) | |
request = currentRequest.getRequest() | |
requestStr = self._callbacks.getHelpers().bytesToString(request) | |
requestParsed = self._helpers.analyzeRequest(request) | |
body = requestStr[requestParsed.getBodyOffset():] | |
headers = requestParsed.getHeaders() | |
for header in headers: | |
if header.startswith("User-Id: "): | |
user_id = header.replace("User-Id: ","") | |
elif header.startswith("User-Agent: "): | |
user_agent = header.replace("User-Agent: ","") | |
elif header.startswith("Time: "): | |
old_time = header.replace("Time: ", "") | |
elif header.startswith("Sign: "): | |
old_sign = header.replace("Sign: ", "") | |
endpoint = url.replace("https://[Redacted]:443","") | |
hostUrl = "https://[nodejsHost]" | |
hostEndpoint = "/?endpoint={0}&id={1}&ua={2}".format( | |
urllib.quote(endpoint), | |
urllib.quote(user_id), | |
urllib.quote(user_agent) | |
) | |
fullHost = "{0}/{1}".format(hostUrl, hostEndpoint) | |
req = self._helpers.buildHttpMessage([ | |
'GET {0}'.format(hostEndpoint), | |
'Host: buer.haus:8080' | |
], '') | |
resp = self._callbacks.makeHttpRequest("[host]", [port], False, req) | |
http_response = self._helpers.bytesToString(resp) | |
if http_response: | |
lineCount = len(http_response.splitlines()) | |
lastLine = http_response.splitlines()[lineCount-1] | |
jsonData = json.loads(lastLine) | |
newTime = jsonData["time"] | |
newSign = jsonData["sign"] | |
new_headers = headers | |
for idx,header in enumerate(new_headers): | |
if header.startswith("Sign: "): | |
new_headers[idx] = "Sign: {0}".format(newSign) | |
elif header.startswith("Time: "): | |
new_headers[idx] = "Time: {0}".format(newTime) | |
modified_request = self._helpers.buildHttpMessage(new_headers, currentRequest.getRequest()[request_info.getBodyOffset():]) | |
currentRequest.setRequest(modified_request) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment