search

PortSwigger / burp-extensions-montoya-api

Burp Extensions Api
Other
125 stars 3 forks source link

How do I load a TestExtension Java? #17

Closed Nzoth9 closed 1 year ago

Nzoth9 commented 1 year ago

Hello! Dear PortSwigger official, I modified /examples/build.gradle to /test/java/burp/api/montoya/TestExtension.java build and use jar, we modified build.gradle as follows.

...
task buildHttpHandlerExample(type: Jar, dependsOn: classes) {
    group "build-examples"
    archiveBaseName.set("HttpHandlerExample")
    includeEmptyDirs(false)
    from sourceSets.main.output
    include("**\\httphandler\\*")
}

task buildTest(type: Jar, dependsOn: classes) {
  group "build-examples"
  archiveBaseName.set("TestExtension")
  includeEmptyDirs(false)
  from sourceSets.main.output
  include("**\\TestExtension\\*")
}
...

Also, I loaded jar, but the following error occurs.

스크린샷 2022-12-23 오후 11 03 18

My burp version is 2022.12 and JDK uses 17.0.4, M1 Mac. Am I missing something?

I think it's still a problem that I'm not good at dealing with Java and Gradle. I'm sorry. I'll be waiting for the reply.

I would like to request all the requests once again with JSON data. There are methods to intercept requests and responses, but there seems to be no methods to build new requests.

Is there any other way to create a new request with the HttpRequest object?

SeanBurnsUK commented 1 year ago

Sorry for the confusion, the class TestExtension in the Montoya API is not a real extension. We will remove it in next release, and put that information in a "migrating" document.

It is a class we used to show how to do the functions in the old api using the new api.

For example... in the old api there was a method to "registerScannerListener", if you look for the function with the same name in TestExtension you will see how to do it using the new api.

private void registerScannerListener() { scanner.registerAuditIssueHandler(new AuditIssueHandler() {...

SeanBurnsUK commented 1 year ago

We will also looking to simplify the examples so the Gradle is not complicated. I will update you when we have moved the examples.

Nzoth9 commented 1 year ago

Hello, Dear @SeanBurnsUK! First of all, thank you for making a good API. I have a question. Do I need to create a new HTTP request with Python, for example, requests function?

Hannah-PortSwigger commented 1 year ago

The Montoya API is not compatible with Python.

You can build a request to pass in using HttpRequest.httpRequest().

To issue your request, you would use Http.issueRequest().

SeanBurnsUK commented 1 year ago

We will be releasing version 1.0.0 of the api next week.

You can see the api on the Dev Branch.

The examples for this api are on a new GitHub repo with much simpler Gradle files to copy/paste.

Nzoth9 commented 1 year ago

Thank you @SeanBurnsUK, @Hannah-PortSwigger! <3<3