search

modzero / burp-ResponseClusterer

Burp plugin that clusters responses to show an overview of received responses
Other
15 stars 6 forks source link

Bug: Unhashable type 'array.array' #4

Open CFPrulez opened 2 years ago

CFPrulez commented 2 years ago

Issue

Some requests are not processed correctly/internal crash and no requests are logged.

How to reproduce

Unclear. This happened in some virtualized environments.

Trace

Traceback (most recent call last):
  File "C:\Users\<snip>\AppData\Roaming\BurpSuite\bapps\e63f09f290ad4d9ea20031e84767b303\ResponseClusterer.py", line 273, in processHttpMessage
    self.add_new_log_entry(toolFlag, req, resp, iRequestInfo.getUrl().toString())
  File "C:\Users\<snip>\AppData\Roaming\BurpSuite\bapps\e63f09f290ad4d9ea20031e84767b303\ResponseClusterer.py", line 284, in add_new_log_entry
    self._clusters.add((iResponseInfo.getStatusCode(), body))
TypeError: unhashable type: 'array.array'

    at org.python.core.PyException.doRaise(PyException.java:211)
    at org.python.core.Py.makeException(Py.java:1638)
    at org.python.core.Py.makeException(Py.java:1642)
    at org.python.core.Py.makeException(Py.java:1646)
    at org.python.core.Py.makeException(Py.java:1650)
    at 
org.python.pycode._pyx4.processHttpMessage$9(C:/Users/<snip>/AppData/Roaming/BurpSuite/bapps/e63f09f290ad4d9ea20031e84767b303/ResponseClusterer.py:278)
    at org.python.pycode._pyx4.call_function(C:/Users/<snip>/AppData/Roaming/BurpSuite/bapps/e63f09f290ad4d9ea20031e84767b303/ResponseClusterer.py)
    at org.python.core.PyTableCode.call(PyTableCode.java:173)
    at org.python.core.PyBaseCode.call(PyBaseCode.java:306)
    at org.python.core.PyBaseCode.call(PyBaseCode.java:197)
    at org.python.core.PyFunction.__call__(PyFunction.java:485)
    at org.python.core.PyMethod.instancemethod___call__(PyMethod.java:237)
    at org.python.core.PyMethod.__call__(PyMethod.java:228)
    at org.python.core.PyMethod.__call__(PyMethod.java:218)
    at org.python.core.PyMethod.__call__(PyMethod.java:213)
    at org.python.core.PyObject._jcallexc(PyObject.java:3565)
    at org.python.core.PyObject._jcall(PyObject.java:3598)
    at org.python.proxies.__main__$BurpExtender$0.processHttpMessage(Unknown Source)
    at burp.er6.run(Unknown Source)
    at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515)
    at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
    at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1130)
    at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:630)
    at java.base/java.lang.Thread.run(Thread.java:832)

Quick fix

Replacement of line 284:

self._clusters.add((iResponseInfo.getStatusCode(), str(body)))

instead of

self._clusters.add((iResponseInfo.getStatusCode(), body))

As far as I have seen, this "fix" did not introduce any issues when using ResponseClusterer on other systems.