TechQA.

Burp Extension to capture, modify and forward HTTp packets

1.8k views Asked by At

I am trying to write a simple burp extension to capture a HTTP packet, modify it and forward it to the server. I need to do this for some security testing. I started with a code to just print the received packet. Attaching the code below, which i got from various Burp tutorials. I configured Eclipse my proxy to localhost and then ran this code. The code runs fine, Burp opens up correctly and also intercepts the packet but I cant see anything on my IDE console. Please help me out, as I am pretty new to Burp and couldn't understand much from the help available online.

package burp;

public class BurpExtender2 implements IBurpExtender, IHttpListener, IProxyListener
{

private IBurpExtenderCallbacks callbacks;


public void registerExtenderCallbacks(IBurpExtenderCallbacks callbacks)
{

    helpers = callbacks.getHelpers();
    callbacks.registerHttpListener(this);
}


public void processHttpMessage(int toolFlag, boolean messageIsRequest,                                          IHttpRequestResponse messageInfo)
{
    System.out.println(
            (messageIsRequest ? "HTTP request to " : "HTTP response from ") +
            messageInfo.getHttpService() +
            " [" + callbacks.getToolName(toolFlag) + "]");
}

public void processProxyMessage(boolean messageIsRequest, IInterceptedProxyMessage message)
{
      System.out.println(message);

 }
}

I just want to know how i can get the intercepted packet in my Code and then forward it.

http proxy burp
Original Q&A
1

There are 1 answers

1
dfdumaresq On

I wonder why you're trying to write a Burp extension to capture packets. Wouldn't you use a sniffer for that?

Anyway, thanks to your code, I was able to get myself started writing extensions. Here's what I found with your method processHttpMessage

" [" + callbacks.getToolName(toolFlag) + "]"

Something is buggy here, possibly in the Burp Suite (1.5.16); I couldn't manage to get getToolName to print anything even with a hardcoded int, and it's not possible to put a debugger on Burp, so I gave up.

System.out.println( (messageIsRequest ? "HTTP request to " : "HTTP response from ") + messageInfo.getHttpService());

System.out.println(" [callbacks.getToolName(toolFlag)] = "); System.out.println(callbacks.getToolName(toolFlag));

Anyway, this will print to the console, but you won't see any value for toolFlag.

Related Questions in HTTP

Related Questions in PROXY

Related Questions in BURP

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions