How to send a post request?
I read the document and know that we could use `makeHttpRequest` to send request. I've tried that if I used `PARAM_URL`, it success. I've read this thread before: http://forum.portswigger.net/thread/1571/send-post-requests-burp-extension However, if I change it to `PARAM_BODY`, it failed. My testing web server works well, for example: ``` $curl --data "title=hi&bo...1 Agent Answer 1 Community AnswerAug 04, 2015 02:31AM UTC
I am trying to write my first extension to add a csp header to the response. I have found several articles about adding headers to the requests but none for responses. This if my first try, which does not work. Any pointers to fix this would be appreciated. Thanks! def processHttpMessage(self, toolFlag, messageIsRequest, messageInfo): # determine what tool we would like to pass tho...1 Agent Answer 0 Community AnswerJul 29, 2015 09:02PM UTC
Running automated scans with Carbonator
We installed Carbonator from within the Burp scanner under the BApp store and ran the following command for as a test: java -jar Xmx2g c:\Users\Desktop\Burpsuite_pro_v1.6..21.jar https://www.google.com. We received the error message: Error occurred during initialization of VM Could not reserve enough space for 2097152KB object heap. The Burp scanner is running a VM workstation with 4GB of mem...3 Agent Answers 2 Community AnswersJul 29, 2015 02:19PM UTC
How to transfer some domain’s requests to my server?
I use Burpsuite as a proxy, and I want to collect all the requests of some domain, then send these requests to my server . For example, I want to collect all the requests of [target.com]. When a request like below come through Burpsuite: ### request begin ### http://target.com/post.php?t=12 title=hi&content=thx ### request end ### To collect these requests, I created a web server i...3 Agent Answers 4 Community AnswersJul 29, 2015 09:11AM UTC
Issues running any Ruby dependent extension
I'm trying to run Buby on my MacBook Pro Burp Pro. When trying to load the extension, I get the following error: LoadError: no such file to load -- pp require at org/jruby/RubyKernel.java:1040 (root) at /Users/peter/Desktop/work/tools/burp/bapps/bd453f3f4b364b9fba4e40e1eb6e8fb0/lib/buby.rb:1 require at org/jruby/RubyKernel.java:1040 (root) at /Users/peter/Desktop/work/tool...1 Agent Answer 2 Community AnswersJul 24, 2015 03:32PM UTC
Adding POST request to site map also adds a GET for same URL
I have a simple class that implements IHttpRequestResponse and IHttpService. I use it to construct a IHttpRequestResponse object that is ultimately added to the site map using IBurpExtenderCallbacks#addToSiteMap. When instantiate my the class with a POST request and add it to the site map, a GET request to the same URL is added as well. Any idea what causes that? code snips here: http://git.io/...1 Agent Answer 0 Community AnswerJul 16, 2015 08:48AM UTC
saving state for extension data
Is there a method to save/restore extension data as part of Burp's "save state"? I didn't see anything in the API docs. Just trying it, the extension data wasn't saved during a save and restore. Anything I'm missing, or should I just write my own save functionality for my data? Thanks!7 Agent Answers 6 Community AnswersJul 14, 2015 05:48PM UTC
Request and response time API must be implemented for logging functionality.
I have asked in Burp Suite User Forum about "Accessing the response time" for long time ago, and I am waiting for 1.5 years approximately, regarding to http://forum.portswigger.net/thread/686/accessing-response-time On Jan 24, 2014 at 7:00pm ”We hear you :) We should be able to add this feature within the next 1-2 months.” but unfortunately long time no update, I'd l...1 Agent Answer 0 Community AnswerJul 14, 2015 02:12AM UTC
Exporting scan reports using carbonator
Hi Guys, I have pro license for burp and I am using carbonator to automate my scan on windows. But as soon as the scan finishes, burp shuts down and I am unable to export the reports of scanner. Could you guys please let me know if there is any way to export the results in .html using the carbonator. Thanks in advance -Kalpesh5 Agent Answers 5 Community AnswersJul 08, 2015 12:48PM UTC
Greetings- I've been writing an extension that will take a URL that is intercepted by burp and submit it to VirusTotal for analysis. Here is a snippet: def changeSelection(self, row, col, toggle, extend): # show the log entry for the selected row logEntry = self._extender._log.get(row) myVT = virusTotalAnalysis(logEntry._requestResponse.getUrl()) ...0 Community AnswerJul 06, 2015 10:45AM UTC