PortSwiggerWiener
commented
4 months ago Many thanks for your submission. It looks interesting and it's always good to see the Collaborator being used!
Main comment is that you probably need to write either an insertion point based check or a request based one as it's a bit of a mix at the moment. Both have pros and cons:
-
Insertion point based (given insertion point) - these are the most fine-grained BChecks and will be executed for each insertion point that the scanner finds in the base request (which depends on the scan config). As on lines 17-18, you insert / append your payload in the insertion point.
-
Request based (given request) - these are more coarse grained and will be run for each unique request (audit item) given to the scanner. With these, you'd configure your payload request as you're doing on lines 19-27.
Currently the BCheck appends the payload to the insertion point before issuing this request and then issues a separate request with the payload in the headers. This latter request will be identical to other requests when the base request has multiple insertion points.
I'd recommend thinking about which route you want to go down and simplifying the BCheck.
Of course, if I've misunderstood things then do please let me know!
Hannah-PortSwigger
BCheck Contributions