Install the tool

[GV0009]

Hello

I would like to try using this tool but can't seem to install it. Would you have installation instructions?

Thanks

[messor2000]

Hello!

To run this extension you need to download jython-standalone-2.7.0.jar which you can find in the resource folder. To open Postman importer extension you should: Open BurpSuite, go to Extensions > Installed > Add, in the window that opens in the Extension details section select Python in the Extension type field and in the Extension file field select the file BurpExtensionUI.py.

If you will have any other problem with running extension, fill free to contact with me.

[GV0009]

Thanks for your reply. I don't see BurpExtensionUI.py in the folders/files

[messor2000]

Hi, sorry for misunderstanding, I have two repos with this extension and this is wasn't updated to the last version. I commit required changes.

If you still have some problems to run script, contact me

P.S. in the resource folder I placed updated .jar fill with needed libs to running script.

[GV0009]

Thanks for the response.

Thanks for clarifying how to install the tool.

I'm running into a problem where I follow your instructions where it says , but I get an error, "ImportError: No module named requests".

Would you have a suggestion on how to address this error?

[messor2000]

Did you use Jython with installed libs from resource folder in repo? Because if you didn't, you should add some libs manually into the Jython .jar file

[GV0009]

I did not. I use the standalone Jython version. Let me try.

[GV0009]

** I'm not sure why, but I can no longer upload images. ***

Using the jython in the tool gave me this error

at org.python.core.PyBuiltinMethodNarrow.__call__(PyBuiltinMethodNarrow.java:48)
at org.python.core.imp.loadFromLoader(imp.java:821)
at org.python.core.imp.find_module(imp.java:765)
at org.python.core.PyModule.findSubModule(PyModule.java:140)
at org.python.core.PyModule.impAttr(PyModule.java:107)
at org.python.core.imp.import_next(imp.java:1163)
at org.python.core.imp.import_module_level(imp.java:1352)
at org.python.core.imp.importName(imp.java:1544)
at org.python.core.ImportFunction.__call__(__builtin__.java:1285)
at org.python.core.PyObject.__call__(PyObject.java:433)
at org.python.core.__builtin__.__import__(__builtin__.java:1232)
at org.python.core.imp.importFromAs(imp.java:1636)
at org.python.core.imp.importFrom(imp.java:1611)
at certifi$py.f$0(path/to/fileBURP/Extensions/Postman-Importer/postman_importer_burp_extension-main/resources/jython-standalone-2.7.2-with-libs.jar/Lib/certifi/__init__.py:4)
at certifi$py.call_function(path/to/fileBURP/Extensions/Postman-Importer/postman_importer_burp_extension-main/resources/jython-standalone-2.7.2-with-libs.jar/Lib/certifi/__init__.py)
at org.python.core.PyTableCode.call(PyTableCode.java:173)
at org.python.core.PyCode.call(PyCode.java:18)
at org.python.core.imp.createFromCode(imp.java:632)
at org.python.core.util.importer.importer_load_module(importer.java:120)
at org.python.modules.zipimport.zipimporter.zipimporter_load_module(zipimporter.java:175)
at org.python.modules.zipimport.zipimporter$zipimporter_load_module_exposer.__call__(Unknown Source)
at org.python.core.PyBuiltinMethodNarrow.__call__(PyBuiltinMethodNarrow.java:48)
at org.python.core.imp.loadFromLoader(imp.java:821)
at org.python.core.imp.find_module(imp.java:765)
at org.python.core.imp.import_next(imp.java:1160)
at org.python.core.imp.import_first(imp.java:1221)
at org.python.core.imp.import_module_level(imp.java:1363)
at org.python.core.imp.importName(imp.java:1544)
at org.python.core.ImportFunction.__call__(__builtin__.java:1285)
at org.python.core.PyObject.__call__(PyObject.java:433)
at org.python.core.__builtin__.__import__(__builtin__.java:1232)
at org.python.core.imp.importFromAs(imp.java:1636)
at org.python.core.imp.importFrom(imp.java:1611)
at requests.certs$py.f$0(path/to/fileBURP/Extensions/Postman-Importer/postman_importer_burp_extension-main/resources/jython-standalone-2.7.2-with-libs.jar/Lib/requests/certs.py:18)
at requests.certs$py.call_function(path/to/fileBURP/Extensions/Postman-Importer/postman_importer_burp_extension-main/resources/jython-standalone-2.7.2-with-libs.jar/Lib/requests/certs.py)
at org.python.core.PyTableCode.call(PyTableCode.java:173)
at org.python.core.PyCode.call(PyCode.java:18)
at org.python.core.imp.createFromCode(imp.java:632)
at org.python.core.util.importer.importer_load_module(importer.java:120)
at org.python.modules.zipimport.zipimporter.zipimporter_load_module(zipimporter.java:175)
at org.python.modules.zipimport.zipimporter$zipimporter_load_module_exposer.__call__(Unknown Source)
at org.python.core.PyBuiltinMethodNarrow.__call__(PyBuiltinMethodNarrow.java:48)
at org.python.core.imp.loadFromLoader(imp.java:821)
at org.python.core.imp.find_module(imp.java:765)
at org.python.core.PyModule.findSubModule(PyModule.java:140)
at org.python.core.PyModule.impAttr(PyModule.java:107)
at org.python.core.imp.import_next(imp.java:1163)
at org.python.core.imp.ensureFromList(imp.java:1502)
at org.python.core.imp.ensureFromList(imp.java:1465)
at org.python.core.imp.import_module_level(imp.java:1379)
at org.python.core.imp.importName(imp.java:1544)
at org.python.core.ImportFunction.__call__(__builtin__.java:1285)
at org.python.core.PyObject.__call__(PyObject.java:433)
at org.python.core.__builtin__.__import__(__builtin__.java:1232)
at org.python.core.imp.importFromAs(imp.java:1636)
at org.python.core.imp.importFrom(imp.java:1611)
at requests.utils$py.f$0(path/to/fileBURP/Extensions/Postman-Importer/postman_importer_burp_extension-main/resources/jython-standalone-2.7.2-with-libs.jar/Lib/requests/utils.py:965)
at requests.utils$py.call_function(path/to/fileBURP/Extensions/Postman-Importer/postman_importer_burp_extension-main/resources/jython-standalone-2.7.2-with-libs.jar/Lib/requests/utils.py)
at org.python.core.PyTableCode.call(PyTableCode.java:173)
at org.python.core.PyCode.call(PyCode.java:18)
at org.python.core.imp.createFromCode(imp.java:632)
at org.python.core.util.importer.importer_load_module(importer.java:120)
at org.python.modules.zipimport.zipimporter.zipimporter_load_module(zipimporter.java:175)
at org.python.modules.zipimport.zipimporter$zipimporter_load_module_exposer.__call__(Unknown Source)
at org.python.core.PyBuiltinMethodNarrow.__call__(PyBuiltinMethodNarrow.java:48)
at org.python.core.imp.loadFromLoader(imp.java:821)
at org.python.core.imp.find_module(imp.java:765)
at org.python.core.PyModule.findSubModule(PyModule.java:140)
at org.python.core.PyModule.impAttr(PyModule.java:107)
at org.python.core.imp.import_next(imp.java:1163)
at org.python.core.imp.ensureFromList(imp.java:1502)
at org.python.core.imp.ensureFromList(imp.java:1465)
at org.python.core.imp.import_module_level(imp.java:1379)
at org.python.core.imp.importName(imp.java:1544)
at org.python.core.ImportFunction.__call__(__builtin__.java:1285)
at org.python.core.PyObject.__call__(PyObject.java:433)
at org.python.core.__builtin__.__import__(__builtin__.java:1232)
at org.python.core.imp.importFromAs(imp.java:1636)
at org.python.core.imp.importFrom(imp.java:1611)
at requests$py.f$0(path/to/fileBURP/Extensions/Postman-Importer/postman_importer_burp_extension-main/resources/jython-standalone-2.7.2-with-libs.jar/Lib/requests/__init__.py:131)
at requests$py.call_function(path/to/fileBURP/Extensions/Postman-Importer/postman_importer_burp_extension-main/resources/jython-standalone-2.7.2-with-libs.jar/Lib/requests/__init__.py)
at org.python.core.PyTableCode.call(PyTableCode.java:173)
at org.python.core.PyCode.call(PyCode.java:18)
at org.python.core.imp.createFromCode(imp.java:632)
at org.python.core.util.importer.importer_load_module(importer.java:120)
at org.python.modules.zipimport.zipimporter.zipimporter_load_module(zipimporter.java:175)
at org.python.modules.zipimport.zipimporter$zipimporter_load_module_exposer.__call__(Unknown Source)
at org.python.core.PyBuiltinMethodNarrow.__call__(PyBuiltinMethodNarrow.java:48)
at org.python.core.imp.loadFromLoader(imp.java:821)
at org.python.core.imp.find_module(imp.java:765)
at org.python.core.imp.import_next(imp.java:1160)
at org.python.core.imp.import_module_level(imp.java:1352)
at org.python.core.imp.importName(imp.java:1544)
at org.python.core.ImportFunction.__call__(__builtin__.java:1285)
at org.python.core.PyObject.__call__(PyObject.java:433)
at org.python.core.__builtin__.__import__(__builtin__.java:1232)
at org.python.core.imp.importOne(imp.java:1563)
at postman$py.f$0(path/to/fileBURP/Extensions/Postman-Importer/postman_importer_burp_extension-main/postman.py:236)
at postman$py.call_function(path/to/fileBURP/Extensions/Postman-Importer/postman_importer_burp_extension-main/postman.py)
at org.python.core.PyTableCode.call(PyTableCode.java:173)
at org.python.core.PyCode.call(PyCode.java:18)
at org.python.core.imp.createFromCode(imp.java:632)
at org.python.core.imp.createFromSource(imp.java:585)
at org.python.core.imp.loadFromSource(imp.java:946)
at org.python.core.imp.find_module(imp.java:771)
at org.python.core.imp.import_next(imp.java:1160)
at org.python.core.imp.import_module_level(imp.java:1352)
at org.python.core.imp.importName(imp.java:1544)
at org.python.core.ImportFunction.__call__(__builtin__.java:1285)
at org.python.core.PyObject.__call__(PyObject.java:433)
at org.python.core.__builtin__.__import__(__builtin__.java:1232)
at org.python.core.imp.importFromAs(imp.java:1636)
at org.python.core.imp.importFrom(imp.java:1611)
at org.python.pycode._pyx5.f$0(path/to/fileBURP/Extensions/Postman-Importer/postman_importer_burp_extension-main/BurpExtensionUI.py:592)
at org.python.pycode._pyx5.call_function(path/to/fileBURP/Extensions/Postman-Importer/postman_importer_burp_extension-main/BurpExtensionUI.py)
at org.python.core.PyTableCode.call(PyTableCode.java:173)
at org.python.core.PyCode.call(PyCode.java:18)
at org.python.core.Py.runCode(Py.java:1703)
at org.python.core.__builtin__.execfile_flags(__builtin__.java:535)
at org.python.util.PythonInterpreter.execfile(PythonInterpreter.java:287)
at java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:103)
at java.base/java.lang.reflect.Method.invoke(Method.java:580)
at burp.Z_7t.Ze(Unknown Source)
at burp.Zw_9.ZD(Unknown Source)
at burp.Zgcn.Zj(Unknown Source)
at burp.Zq65.lambda$panelLoaded$0(Unknown Source)
at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:572)
at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:317)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1144)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:642)
at java.base/java.lang.Thread.run(Thread.java:1583)

[messor2000]

Hmm, actually I did not see such kind of errors. After adding all required libs into the Jython jar file extension should work stacktrace I can tell that there is some kind of problem with the certifi$py file in the Jython jar. But exactly Burp don't like in this jar file in your environment its hard to say. Did you try to remove fully extension from Burp and load it again when you add Jython jar file with all libs?

P.S. sorry for using Python for this extension, it was bad choice)

[BrandonSmet]

I also seem to get the same errors as specified above

[dr34mhacks]

It looks like you want to upload your Postman collection to Burp Suite's new API scan feature. While it's not fine-tuned at the moment, you can use the script below, which I personally use to convert my Postman collections into OpenAPI schemas and integrate them with Burp.

https://github.com/dr34mhacks/Openapi-Schema-Builder

Do let me know if you find any issue with above, I will try to look into it at earliest possible. :)

[messor2000]

@dr34mhacks My implementation give ability to import more complex Postman collection as it do Openapi-Schema-Builder. For example as I correctly understand your implementation can add to the Burp Site map only simple requests. May have ability to add requests with the Pre-request scripts or auth variables. That's why its more complicated and more difficult to launch