d0ge / sign-saboteur

SignSaboteur is a Burp Suite extension for editing, signing, verifying various signed web tokens
Apache License 2.0

Cannot load the extension - Burp freeze #1

Closed cosad3s closed 5 months ago

cosad3s commented 6 months ago

With the last release 0.0.6, when I manually load it into Burp Pro v2024.1.1.6, the whole application is freezing and does not respond. I waited for 30 minutes without effect.

I do not know if it is just me or not, so I prefer to open an issue for investigation.

d0ge commented 5 months ago

Hey @cosad3s, thank you for the issue. It was a long road to increase the performance of the tool. Commit https://github.com/d0ge/sessionless/commit/1b01c33cb06447323fe20f019a2570ff5f06e1f5 should resolve your issue with the application freezing up. Long story short, the regex JWT token parsing logic was broken and was replaced with a simple string search algorithm. Hope it will help you. Please let me know if the issue persists.
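The kind of string search the comment above describes, as an added example (not code from the SignSaboteur repository or the linked commit): a single-pass scanner that finds JWT-shaped candidates without a regex, so its running time stays linear in the input size. The class and method names, the `eyJ` anchor and the sample inputs are assumptions made for this illustration.

```java
import java.util.ArrayList;
import java.util.List;

public class JwtCandidateScanner {
    // Assumption: a JWS compact header starts with "eyJ", the base64url encoding of {"
    private static final String PREFIX = "eyJ";

    private static boolean isBase64Url(char c) {
        return (c >= 'A' && c <= 'Z') || (c >= 'a' && c <= 'z')
                || (c >= '0' && c <= '9') || c == '-' || c == '_';
    }

    // Index of the first character at or after 'from' that is not base64url.
    private static int skipSegment(String s, int from) {
        int i = from;
        while (i < s.length() && isBase64Url(s.charAt(i))) i++;
        return i;
    }

    // Structural match only: header '.' payload '.' signature (signature may be empty).
    // After a failed match the search resumes where scanning stopped, so no character
    // is re-read and the scan cannot degrade on long runs that never form a token.
    public static List<String> findCandidates(String text) {
        List<String> found = new ArrayList<>();
        int pos = 0;
        while ((pos = text.indexOf(PREFIX, pos)) >= 0) {
            int headerEnd = skipSegment(text, pos);
            if (headerEnd >= text.length() || text.charAt(headerEnd) != '.') {
                pos = headerEnd;
                continue;
            }
            int payloadEnd = skipSegment(text, headerEnd + 1);
            boolean emptyPayload = payloadEnd == headerEnd + 1;
            if (emptyPayload || payloadEnd >= text.length() || text.charAt(payloadEnd) != '.') {
                pos = payloadEnd;
                continue;
            }
            int sigEnd = skipSegment(text, payloadEnd + 1);
            found.add(text.substring(pos, sigEnd));
            pos = sigEnd;
        }
        return found;
    }

    public static void main(String[] args) {
        // Constructed sample: one well-formed token inside a Cookie header.
        String token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJkZW1vIn0.c2lnbmF0dXJl";
        System.out.println(findCandidates("Cookie: session=" + token + "; theme=dark"));
        // Constructed stress input: a long base64url run that never completes a token.
        long start = System.nanoTime();
        int hits = findCandidates("eyJ" + "a".repeat(2_000_000) + " end").size();
        System.out.println(hits + " candidates in " + (System.nanoTime() - start) / 1_000_000 + " ms");
    }
}
```

Candidates returned here are only structurally JWT-shaped; decoding the header and verifying the signature remain separate steps.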

cosad3s commented 5 months ago

Wonderful, I'll test it tomorrow. I'll get back to you if there is any major problem :)