Name is required.
Email address is required.
Invalid email address
Answer is required.
Exceeding max length of 5KB

Exporting site map

Danny Aug 09, 2019 08:46AM UTC

Hi,

I am developing an extension that will perform the same functionality as it can be done manually by right clicking on items in Target's site map or Proxy history and then selecting "Save items". Using manual process I get a file that has contents something like this:

<?xml version="1.0"?>
--- SNIP ---
<items burpVersion="2.1.02" exportTime="Mon Aug 05 14:48:13 CEST 2019">
<item>
<time>Mon Aug 05 10:20:32 CEST 2019</time>
<url><![CDATA[https://example.com/bla/bla.html]]></url>
<host ip="1.2.3.4">example.com</host>
<port>443</port>
<protocol>https</protocol>
<method><![CDATA[GET]]></method>
<path><![CDATA[/bla/bla.html]]></path>
<extension>null</extension>
<request base64="true"><![CDATA[--- SNIP ---]]></request>
<status>302</status>
<responselength>793</responselength>
<mimetype></mimetype>
<response base64="true"><![CDATA[--- SNIP ---]]></response>
<comment></comment>
</item>
<item>
--- SNIP ---

If there is some way to programmatically get this same output (or similar, different format but with the same data) with existing functionality, existing extension or one shot API call, please let me know and ignore the rest of this question. If it is not possible continue reading...

So, as I said, I am creating extension that will do just this. The extension is almost done and by using the getSiteMap() call and iterating through all items I can generate and output the same XML file with all the same information... except one... If you check the XML file, the <host> tag has attribute called "ip". I have went through whole API documentation and I just could not find a way to get the IP associated to that host. Since I can generate manually the output and it contains the IP that information must be somewhere stored but I could not find the API to get it. The closest I got was getting the IHttpService object from the IHttpRequestResponse objects that has three methods: getHost(), getPort() and getProtocol(). The getHost() looked promising but it only contains IP when there is no host present... And I need both. :)

And any solutions that rely on resolving the hostname are not acceptable for me because I want to run this on on many old project files which contain hosts that now have different IP or do not have IP at all anymore. The extension needs to extract information only from the currently opened project file.

So to summarize, my question is: how can an extension get the IP of a specific host from a specific request/response item from site map or proxy history?

As a side note, why not implement project files in some format that is easily used by other tools? This is not the first time I was creating some tool that was stuck because the project file format was not usable out of the box. Then I had to create an extension, run burp with this extension, do my thing and then continue with the normal tool's execution. It is slow and dependable on extension API which can be limiting, as seen from this question. Or if you need the format to be like it is, at least make a functionality that transforms the current project file to some XML or JSON format, just that other tools can then parse and use that info.

Thanks for help!


Liam Tai-Hogan Aug 09, 2019 01:47PM UTC Support Center agent

We have a bit of a backlog in terms of Extensions issues. Please accept our apologies, we’ll get back to you as soon as we can.


Danny Aug 26, 2019 11:23AM UTC
Ok, thank you for your answer.

Post Your public answer

Your name
Your email address
Answer