CompassSecurity / SAMLRaider

SAML2 Burp Extension
MIT License
409 stars 74 forks source link

SAMLRaider doesn't work with the latest Burp Suite Pro #64

Closed b1narygl1tch closed 5 months ago

b1narygl1tch commented 2 years ago

I'm facing the issue using SAMLRaider v1.4.1 with Burp Suite Professional v2022.3.9 The plugin doesn't work with signatures. I cannot import signatures, for example. Button "Send Certificate to SAML Raider Certificates" does nothing. This is the Burp Extender tab error output:

java.lang.NullPointerException: Cannot invoke "application.SamlTabController.isEnabled(byte[], boolean)" because "this.samlTabController" is null at application.SAMLHighlighter.processHttpMessage(SAMLHighlighter.java:20) at burp.hko.run(Unknown Source) at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:539) at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264) at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136) at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635) at java.base/java.lang.Thread.run(Thread.java:833)

Thanks in advance!

P.S.: Windows 10 x64, JRE 8.0.3330.2 x64

emanuelduss commented 2 years ago

Hi

Thanks for your report. I'll have a look into it the next time I work on SAML Raider. Can you post the certificate as text here so I have an example to reproduce?

THX

tobiashort commented 5 months ago

This should be fixed in the new major release. I decoupled SAMLHighlighter from SamlTabController. https://github.com/CompassSecurity/SAMLRaider/commit/8474c8b2b253597f9766a6c3f315c1d61f43f184