search

m4ll0k / SecretFinder

SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript files
GNU General Public License v3.0
1.95k stars 362 forks source link

Error on scanning through BurpSuite #43

Open Arun-Josh opened 3 years ago

Arun-Josh commented 3 years ago

I'm trying to use the secret finder extension in burp suite, I'm getting the following error and no match is reported in Dashboard.

Kindly look into this when u have time.

Let me know If you need additional details of this issue. We can also collaborate and fix this issue if you wish :)

    at org.python.pycode._pyx4.call_function(/home/user/Bug_Hunter/BurpSuite-Secret_Finder-master/SecretFinder.py)
    at org.python.core.PyTableCode.call(PyTableCode.java:173)
    at org.python.core.PyBaseCode.call(PyBaseCode.java:306)
    at org.python.core.PyBaseCode.call(PyBaseCode.java:197)
    at org.python.core.PyFunction.__call__(PyFunction.java:485)
    at org.python.core.PyMethod.instancemethod___call__(PyMethod.java:237)
    at org.python.core.PyMethod.__call__(PyMethod.java:228)
    at org.python.core.PyMethod.__call__(PyMethod.java:218)
    at org.python.core.PyMethod.__call__(PyMethod.java:213)
    at org.python.core.PyObject._jcallexc(PyObject.java:3565)
    at org.python.core.PyObject._jcall(PyObject.java:3598)
    at org.python.proxies.__main__$BurpExtender$7.doPassiveScan(Unknown Source)
    at burp.g5c.run(Unknown Source)
    at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
    at java.util.concurrent.FutureTask.run(FutureTask.java:266)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
    at java.lang.Thread.run(Thread.java:748)
Traceback (most recent call last):
  File "/home/user/Bug_Hunter/BurpSuite-Secret_Finder-master/SecretFinder.py", line 109, in doPassiveScan
    BurpExtender.issuename%(' '.join([x.title() for x in reg[0].split('_')])), 
  File "/home/user/Bug_Hunter/BurpSuite-Secret_Finder-master/SecretFinder.py", line 140, in findRegEx
    encoded_resp=binascii.b2a_base64(self._helpers.bytesToString(response))
UnicodeEncodeError: 'ascii' codec can't encode characters in position 4738-4740: ordinal not in range(128)

    at org.python.core.codecs.strict_errors(codecs.java:206)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at org.python.core.JavaFunc.__call__(Py.java:2895)
    at org.python.core.PyObject.__call__(PyObject.java:433)
    at org.python.core.codecs.encoding_error(codecs.java:1537)
    at org.python.core.codecs.PyUnicode_EncodeIntLimited(codecs.java:1210)
    at org.python.core.codecs.PyUnicode_EncodeASCII(codecs.java:1169)
    at org.python.core.codecs.encode(codecs.java:163)
    at org.python.core.PyString.encode(PyString.java:3995)
    at org.python.core.PyString.encode(PyString.java:3987)
    at org.python.modules.binascii.getByteBuffer(binascii.java:1056)
    at org.python.modules.binascii.b2a_base64(binascii.java:452)
    at sun.reflect.GeneratedMethodAccessor96.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at org.python.core.PyReflectedFunction.__call__(PyReflectedFunction.java:190)
    at org.python.core.PyReflectedFunction.__call__(PyReflectedFunction.java:208)
    at org.python.core.PyObject.__call__(PyObject.java:461)
    at org.python.core.PyObject.__call__(PyObject.java:465)
    at org.python.pycode._pyx4.findRegEx$8(/home/user/Bug_Hunter/BurpSuite-Secret_Finder-master/SecretFinder.py:163)
    at org.python.pycode._pyx4.call_function(/home/user/Bug_Hunter/BurpSuite-Secret_Finder-master/SecretFinder.py)
    at org.python.core.PyTableCode.call(PyTableCode.java:173)
    at org.python.core.PyBaseCode.call(PyBaseCode.java:306)
    at org.python.core.PyBaseCode.call(PyBaseCode.java:197)
    at org.python.core.PyFunction.__call__(PyFunction.java:485)
    at org.python.core.PyMethod.__call__(PyMethod.java:187)
    at org.python.pycode._pyx4.doPassiveScan$5(/home/user/Bug_Hunter/BurpSuite-Secret_Finder-master/SecretFinder.py:118)
    at org.python.pycode._pyx4.call_function(/home/user/Bug_Hunter/BurpSuite-Secret_Finder-master/SecretFinder.py)
    at org.python.core.PyTableCode.call(PyTableCode.java:173)
    at org.python.core.PyBaseCode.call(PyBaseCode.java:306)
    at org.python.core.PyBaseCode.call(PyBaseCode.java:197)
    at org.python.core.PyFunction.__call__(PyFunction.java:485)
    at org.python.core.PyMethod.instancemethod___call__(PyMethod.java:237)
    at org.python.core.PyMethod.__call__(PyMethod.java:228)
    at org.python.core.PyMethod.__call__(PyMethod.java:218)
    at org.python.core.PyMethod.__call__(PyMethod.java:213)
    at org.python.core.PyObject._jcallexc(PyObject.java:3565)
    at org.python.core.PyObject._jcall(PyObject.java:3598)
    at org.python.proxies.__main__$BurpExtender$7.doPassiveScan(Unknown Source)
    at burp.g5c.run(Unknown Source)
    at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
    at java.util.concurrent.FutureTask.run(FutureTask.java:266)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
    at java.lang.Thread.run(Thread.java:748)
Traceback (most recent call last):
  File "/home/user/Bug_Hunter/BurpSuite-Secret_Finder-master/SecretFinder.py", line 109, in doPassiveScan
    BurpExtender.issuename%(' '.join([x.title() for x in reg[0].split('_')])), 
  File "/home/user/Bug_Hunter/BurpSuite-Secret_Finder-master/SecretFinder.py", line 140, in findRegEx
    encoded_resp=binascii.b2a_base64(self._helpers.bytesToString(response))
UnicodeEncodeError: 'ascii' codec can't encode characters in position 19399-19401: ordinal not in range(128)

    at org.python.core.codecs.strict_errors(codecs.java:206)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at org.python.core.JavaFunc.__call__(Py.java:2895)
    at org.python.core.PyObject.__call__(PyObject.java:433)
    at org.python.core.codecs.encoding_error(codecs.java:1537)
    at org.python.core.codecs.PyUnicode_EncodeIntLimited(codecs.java:1210)
    at org.python.core.codecs.PyUnicode_EncodeASCII(codecs.java:1169)
    at org.python.core.codecs.encode(codecs.java:163)
    at org.python.core.PyString.encode(PyString.java:3995)
    at org.python.core.PyString.encode(PyString.java:3987)
    at org.python.modules.binascii.getByteBuffer(binascii.java:1056)
    at org.python.modules.binascii.b2a_base64(binascii.java:452)
    at sun.reflect.GeneratedMethodAccessor96.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at org.python.core.PyReflectedFunction.__call__(PyReflectedFunction.java:190)
    at org.python.core.PyReflectedFunction.__call__(PyReflectedFunction.java:208)
    at org.python.core.PyObject.__call__(PyObject.java:461)
    at org.python.core.PyObject.__call__(PyObject.java:465)
    at org.python.pycode._pyx4.findRegEx$8(/home/user/Bug_Hunter/BurpSuite-Secret_Finder-master/SecretFinder.py:163)
    at org.python.pycode._pyx4.call_function(/home/user/Bug_Hunter/BurpSuite-Secret_Finder-master/SecretFinder.py)
    at org.python.core.PyTableCode.call(PyTableCode.java:173)
    at org.python.core.PyBaseCode.call(PyBaseCode.java:306)
    at org.python.core.PyBaseCode.call(PyBaseCode.java:197)
    at org.python.core.PyFunction.__call__(PyFunction.java:485)
    at org.python.core.PyMethod.__call__(PyMethod.java:187)
    at org.python.pycode._pyx4.doPassiveScan$5(/home/user/Bug_Hunter/BurpSuite-Secret_Finder-master/SecretFinder.py:118)
    at org.python.pycode._pyx4.call_function(/home/user/Bug_Hunter/BurpSuite-Secret_Finder-master/SecretFinder.py)
    at org.python.core.PyTableCode.call(PyTableCode.java:173)
    at org.python.core.PyBaseCode.call(PyBaseCode.java:306)
    at org.python.core.PyBaseCode.call(PyBaseCode.java:197)
    at org.python.core.PyFunction.__call__(PyFunction.java:485)
    at org.python.core.PyMethod.instancemethod___call__(PyMethod.java:237)
    at org.python.core.PyMethod.__call__(PyMethod.java:228)
    at org.python.core.PyMethod.__call__(PyMethod.java:218)
    at org.python.core.PyMethod.__call__(PyMethod.java:213)
    at org.python.core.PyObject._jcallexc(PyObject.java:3565)
    at org.python.core.PyObject._jcall(PyObject.java:3598)
    at org.python.proxies.__main__$BurpExtender$7.doPassiveScan(Unknown Source)
    at burp.g5c.run(Unknown Source)
    at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
    at java.util.concurrent.FutureTask.run(FutureTask.java:266)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
    at java.lang.Thread.run(Thread.java:748)
m4ll0k commented 3 years ago

your jython version?

KiDxS commented 3 years ago

@m4ll0k , sorry for pinging you when you are so very busy.

I'm also having a problem with this in burp v2021, my jython version is 2.7.1.

May I know the jython version you've used the time this was working for you?

thisguy23 commented 3 years ago

same issue here

umeshgain commented 9 months ago

It worked for me in Burp in the 2023.8 version with jython 2.7.2, but after the upgrade of Burp from 2023.8 it stopped working