Closed 3dprogramin closed 3 years ago
My bad, solution already in repository. Can be found here
Hey,
run_decoder.py will probably work, but it should be possible to get the decoder running within Burp. Based on the screenshot, it looks like the response doesn't have a content-type header, so it can't automatically recognize that it's protobuf (https://github.com/nccgroup/blackboxprotobuf/blob/master/blackboxprotobuf/burp/editor.py#L233).
One thing you can do is customize the detect_protobuf
function in user_funcs.py
(https://github.com/nccgroup/blackboxprotobuf/blob/master/blackboxprotobuf/burp/user_funcs.py#L34). Maybe something like:
def detect_protobuf(content, is_request, content_info, helpers):
if 'server: envoy' in content_info.getHeaders():
return True
# return None falls back to default detection mechanisms
return None
or just return True
for everything to always have the protobuf tab, but might be too much for some apps.
That did it. Much easier to go through the responses directly in burp, instead of using run_decoder.py manually. Thanks !
Decoding and editing the request works just fine. Is there any way to decode the body of the response, which is also protobuf format ? https://i.imgur.com/p1rtQQO.png
Thanks !