Open JaveleyQAQ opened 1 week ago
Anof-cyber
commented
1 week ago Can you try decrypting orignal data from browser console without pycript and share the output?
This is generally created due to json data is present with json. If you can try decrypting original request/response data directly from browser to confirm if \ is there in original date as well.
JaveleyQAQ
commented
1 week ago Can you try decrypting orignal data from browser console without pycript and share the output?
This is generally created due to json data is present with json. If you can try decrypting original request/response data directly from browser to confirm if \ is there in original date as well.
I checked the logs in the console, and there are no backslashes during decryption. However, when I view it in the Burp Suite's PyScript tab, the backslashes are present. I'm not sure if this is the cause, but although I can encrypt and decrypt normally, the server cannot accept the result. When I encrypt and decrypt multiple times, the number of backslashes increases significantly.
Anof-cyber
commented
1 week ago I see in the screenshot, encrpyted string have backsplash. The string encrpytion in PyCript does not process json as object rather as string only.
Can you check if custom encrpytion decryption script provided to pycript have any json handling.
If you are using version 0.4
When you read temp file and base64 decode it (in your custom script). Can you print the base64 decoded output and share to validate the same.
In the latest version of Burp and its extensions, every time I decrypt and then re-encrypt, it adds an extra backslash \ as an escape character, even if I don't modify anything, which leads to inconsistent encryption results.