IOActive / BurpJDSer-ng

Allows you to deserialize java objects to XML and lets you dynamically load classes/jars as needed

Request disappearing from repeater after modifying deserialized data #4

Open newlog opened 10 years ago

newlog commented 10 years ago

Hello,

I've been working with your extension for about two days. I've been unable to make it work right so I can modify serialized requests in the repeater.

The workflow is the following.

1) First I open Burp, loading the extension from the command line with the following command:

    $ java -Djava.lo.tmpdir=C:\Temp -classpath burpsuite_pro_v1.6.jar;extensions\JDSer-ng\BurpJDSer-ng.jar;extensions\JDSer-ng\xstream-1.4.4.jar;libs* burp.StartBurp

2) I send a serialized request to repeater as the image shows. (image: bad_burp_extension1)

3) I modify it.

4) Then, clicking on "Go" does not work. And if I click on "Raw" the request disappears, as can be seen in the following image. (image: bad_burp_extension2)

Sometimes I have managed to correctly send the modified request. But most of the time this bug happens. The same happens when intercepting the request. In the case of intruder, the request is not deserialized (so I cannot freely modify it).

I tested this behaviour with Burp 1.6 and 1.5.21 (Pro versions). The same happens if I manually load the extension. I use Java 7 (jre7).

If you need any other information, ask me.

Thanks for your time, newlog.

newlog commented 10 years ago

I forgot to say that if I send the request before modifying the deserialized data, everything goes fine.