nccgroup / blackboxprotobuf

Blackbox Protobuf is a set of tools for working with encoded Protocol Buffers (protobuf) without the matching protobuf definition.
MIT License
480 stars, 82 forks

How to do decode response body #6

Closed 3dprogramin closed 3 years ago

3dprogramin commented 3 years ago

Decoding and editing the request works just fine. Is there any way to decode the body of the response, which is also in protobuf format? https://i.imgur.com/p1rtQQO.png

Thanks!

3dprogramin commented 3 years ago

My bad, solution already in repository. Can be found here

rwinkelmaier-ncc commented 3 years ago

Hey,

run_decoder.py will probably work, but it should be possible to get the decoder running within Burp. Based on the screenshot, it looks like the response doesn't have a content-type header, so it can't automatically recognize that it's protobuf (https://github.com/nccgroup/blackboxprotobuf/blob/master/blackboxprotobuf/burp/editor.py#L233).

One thing you can do is customize the detect_protobuf function in user_funcs.py (https://github.com/nccgroup/blackboxprotobuf/blob/master/blackboxprotobuf/burp/user_funcs.py#L34). Maybe something like:

def detect_protobuf(content, is_request, content_info, helpers):
    if 'server: envoy' in content_info.getHeaders():
        return True
    # return None falls back to default detection mechanisms
    return None

or just return True for everything to always have the protobuf tab, but might be too much for some apps.
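
A more conservative variant of the `detect_protobuf` hook suggested above, as an added example that is not part of the thread or the project's own code: it matches the Server header case-insensitively and, when there is no Content-Type, forces the protobuf tab only if the body walks cleanly as protobuf wire format. It assumes `content` is the full raw message and that `content_info` offers `getBodyOffset()` as Burp's request/response info objects do; `_headers` and `looks_like_protobuf` are hypothetical helper names, and the wire-format walk is a heuristic.

```python
# Added example for user_funcs.py (not project code). Assumes `content` is the raw message bytes.
def _headers(content_info):
    """Lower-cased header name -> value; line 0 is the status/request line."""
    out = {}
    for line in list(content_info.getHeaders())[1:]:
        name, sep, value = str(line).partition(":")
        if sep:
            out[name.strip().lower()] = value.strip().lower()
    return out

def looks_like_protobuf(body):
    """True only if the whole body parses as a sequence of protobuf wire-format fields."""
    data = [b & 0xFF for b in body]  # Jython passes signed Java bytes
    end = len(data)

    def varint(pos):
        value, shift = 0, 0
        while pos < end and shift < 64:
            byte = data[pos]
            value |= (byte & 0x7F) << shift
            pos, shift = pos + 1, shift + 7
            if not byte & 0x80:
                return value, pos
        return None, pos  # truncated or over-long varint

    pos = 0
    while pos < end:
        key, pos = varint(pos)
        if key is None or key >> 3 == 0:  # field number 0 is invalid
            return False
        wire_type = key & 7
        if wire_type in (0, 2):  # varint value, or length prefix
            value, pos = varint(pos)
            if value is None:
                return False
            pos += value if wire_type == 2 else 0
        elif wire_type in (1, 5):  # fixed 64-bit / 32-bit
            pos += 8 if wire_type == 1 else 4
        else:  # groups (3, 4) and undefined types (6, 7)
            return False
    return end > 0 and pos == end  # a length running past the end fails here

def detect_protobuf(content, is_request, content_info, helpers):
    headers = _headers(content_info)
    if "content-type" in headers:
        return None  # default detection mechanisms handle this
    if "envoy" in headers.get("server", ""):
        return True  # header marker suggested in the thread
    body = content[content_info.getBodyOffset():]
    return True if looks_like_protobuf(body) else None
```

Returning `None` rather than `False` for bodies that fail the check leaves the final decision to the extension's default detection.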

3dprogramin commented 3 years ago

That did it. Much easier to go through the responses directly in Burp, instead of using run_decoder.py manually. Thanks!