CompassSecurity / SAMLRaider

SAML2 Burp Extension
MIT License
405 stars 74 forks source link

failureInInitialization #34

Closed edmacke closed 5 years ago

edmacke commented 5 years ago

Running BurpSuite 2.0.16beta and just started getting "failureInInitialization" in the SAML Raider tab in the HTTP History > Request section.

The Extender > Extensions > Errors is spitting out:

java.lang.RuntimeException: java.lang.NoSuchMethodError: com.sun.org.apache.xml.internal.serialize.OutputFormat.(Lorg/w3c/dom/Document;)V

I've tried re-installing the Extension.

FWIW, running java -version on the BurpSuite Pro JRE gives me: openjdk version "11.0.2" 2019-01-15

edmacke commented 5 years ago

Update: attempting to build the app with Maven fails as well, using Oracle JDK 11.0.2 / Maven 3.6.0.

[ERROR] /D:/temp/saml_raider/SAMLRaider/src/main/java/model/BurpCertificateStore.java:[60,88] incompatible types: java.util.Enumeration cannot be converted to java.util.Enumeration [ERROR] /D:/temp/saml_raider/SAMLRaider/src/main/java/model/BurpCertificateStore.java:[98,88] incompatible types: java.util.Enumeration cannot be converted to java.util.Enumeration [ERROR] /D:/temp/saml_raider/SAMLRaider/src/main/java/helpers/XMLHelpers.java:[94,39] no suitable constructor found for OutputFormat(org.w3c.dom.Document) constructor com.sun.org.apache.xml.internal.serialize.OutputFormat.OutputFormat() is not applicable (actual and formal argument lists differ in length) constructor com.sun.org.apache.xml.internal.serialize.OutputFormat.OutputFormat(java.lang.String,java.lang.String,boolean) is not applicable (actual and formal argument lists differ in length)

emanuelduss commented 5 years ago

Thanks for the update. I'll also fix that in the next release.

BastienFaure commented 5 years ago

Hi buddy, I do have a fix for this issue, simply using another package for achieving that stuff. However, I need to make sure the fix will not break other things: currently I am not able to edit the SAML body. I can click, highlight, do whatever but I cannot type into the repeater tab where SAML Raider is loaded. Do you have any input on that ?

emanuelduss commented 5 years ago

This is now fixed in the latest release that makes SAML Raider compatible with Java 11 again: https://github.com/SAMLRaider/SAMLRaider/releases/tag/v1.2.2