-
Notifications
You must be signed in to change notification settings - Fork 0
/
readable_params_extension.py
70 lines (58 loc) · 2.69 KB
/
readable_params_extension.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
from burp import IBurpExtender, IHttpListener
from urllib import quote
from collections import OrderedDict
class BurpExtender(IBurpExtender, IHttpListener):
def registerExtenderCallbacks(self, callbacks):
self._callbacks = callbacks
self._helpers = callbacks.getHelpers()
callbacks.setExtensionName("Readable Params Extension")
callbacks.registerHttpListener(self)
print("[success] Extension loaded")
def get_response_detail(self, content):
response = content.getResponse()
response_data = self._helpers.analyzeResponse(response)
headers = list(response_data.getHeaders())
body = response[response_data.getBodyOffset() :].tostring()
return headers, body
def get_request_detail(self, content):
request = content.getRequest()
request_data = self._helpers.analyzeRequest(request)
method = request_data.getMethod()
headers = list(request_data.getHeaders())
body = request[request_data.getBodyOffset() :].tostring()
return headers, body, method
def has_query(self, arg):
if "?" in arg and len(arg.split("?")[1]) > 2:
return True
return False
def encode_parameters(self, arg):
url_parts = arg.split("?", 1)
query_string = url_parts[1]
params = OrderedDict(param.split("=") for param in query_string.split("&"))
encoded_pairs = [quote(key) + "=" + quote(value) for key, value in params.items()]
encoded_query_string = "&".join(encoded_pairs)
return url_parts[0] + "?" + encoded_query_string
def get_url(self, arg):
start_index = arg.find(" ") + 1
end_index = arg.find("HTTP/") - 1
return arg[start_index:end_index]
def get_original_url(self, raw, encoded):
start_index = raw.find(" ") + 1
end_index = raw.find("HTTP/") - 1
updated = raw[:start_index] + encoded + raw[end_index:]
return updated
def processHttpMessage(self, tool, is_request, content):
if is_request and tool == self._callbacks.TOOL_REPEATER:
headers, body, method = self.get_request_detail(content)
url = self.get_url(headers[0])
if self.has_query(url):
encoded = self.encode_parameters(url)
updated = self.get_original_url(headers[0], encoded)
new_header = [updated]
for i in range(1, len(headers)):
new_header.append(headers[i])
new_request = self._helpers.buildHttpMessage(new_header, body)
content.setRequest(new_request)
print("[updated]", updated)
else:
print("[debug] no parameter")