Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Modifying message

Andrey | Last updated: Sep 30, 2016 09:02AM UTC

Hi, I,m writing an extension which decrypt requests and responses and send it to Proxy-Intercept tab. So, I want to modify this message,ecrypt it and send forward, but message what is modified will not changed. In example below rsp_msg2 = response.to_a (after modifying in intercept tab). How can I get modified in proxy-intercept tab message? Ruby code: def processProxyMessage(messageIsRequest, message) if (!messageIsRequest) rsp_msg1 = message.getMessageInfo().getResponse() response=@decrypt.call(rsp_msg1,rsp_msg1.size,0) #my library call's message.getMessageInfo().setResponse(response.to_a) message.setInterceptAction(IInterceptedProxyMessage.ACTION_DO_INTERCEPT) rsp_msg2 = message.getMessageInfo().getResponse() end end p.s.Excuse me for my bad english

PortSwigger Agent | Last updated: Sep 30, 2016 12:57PM UTC

I'm not quite sure I understand. Are you saying that when the response is shown in the Proxy intercept view, after your code as run, this still shows the original response, not the one that your extension has set?

Burp User | Last updated: Oct 01, 2016 02:42AM UTC

No, response shows the message which I set in this line "message.getMessageInfo().setResponse(response.to_a)". The programm continues after setInterceptAction() and I can't get editted message(in the Proxy intercept view) in line "rsp_msg2 = message.getMessageInfo().getResponse()"

PortSwigger Agent | Last updated: Oct 03, 2016 10:39AM UTC

Are you saying that you want your extension to be able to programmatically get the response as edited by the user? In that case, set the intercept action to ACTION_DO_INTERCEPT_AND_REHOOK. Incidentally, a neater way to do what you want might be with a custom tab in the HTTP message editor. This will be shown for all relevant messages in any context (site map, Repeater, etc). You can allow editing of the decoded message, and automatically re-encode the message afterwards. This will let you manually modify the message in any editable context within Burp, not only the Proxy intercept view, and will let you view the messages in any read-only context.

Burp User | Last updated: Oct 05, 2016 04:58AM UTC

Thank you for your answer! Combination of ACTION_DO_INTERCEPT_AND_REHOOK and setComment()/getComment() works fine

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.