PortSwiggerWiener
commented
9 months ago Many thanks for your submission. It looks good. We just need to fix up that predicate I think.
Closed opcod3r closed 8 months ago
PortSwiggerWiener
commented
9 months ago Many thanks for your submission. It looks good. We just need to fix up that predicate I think.
opcod3r
commented
9 months ago Many thanks for your submission. It looks good. We just need to fix up that predicate I think.
Thanks!
How can i do that ? could you help me ? with this ?
PortSwiggerWiener
commented
9 months ago Absolutely! So if you attempt to validate your BCheck within Burp then you should see a syntax error from this line:
if {check2.response.status_code} is "200" and "\"type\":\"application\"" and "\"password\":" in {check2.response.body} then
The reason for this is the first and clause is incomplete and needs a 'subject'. So if you want to check the response body from check2, then you could write:
if {check2.response.status_code} is "200" and "\"type\":\"application\"" in {check2.response.body} and "\"password\":" in {check2.response.body} then
I'm not entirely sure of your BCheck detection logic though so you make need to modify this.
Hope that helps!
Hannah-PortSwigger
commented
9 months ago Hi there!
Have you had a chance to review the feedback given?
Unfortunately, without this feedback implemented, we are not able to merge this pull request into the main repository.
If there's anything that we can help with, then please let us know.
BCheck Contributions
[x] BCheck compiles and executes as expected
[x] BCheck contains appropriate metadata (name, version, author, description and appropriate tags)
[x] Only .bcheck files have been added or modified
[x] BCheck is in the appropriate folder
[x] PR contains single or limited number of BChecks (Multiple PRs are preferred)
[x] BCheck attempts to minimize false positives
The following image illustrates the working poc: