ngduyquockhanh
commented
10 months ago Hi,
I will fix this bug in the next version. Thank you for your contributions. 🥰
Open roman-soft opened 10 months ago
ngduyquockhanh
commented
10 months ago Hi,
I will fix this bug in the next version. Thank you for your contributions. 🥰
ngduyquockhanh
commented
10 months ago Hi @roman-soft ,
This bug has been fixed. You can test it in new version.
roman-soft
commented
10 months ago Not solved, still experimenting concurrency problems when launching an Intruder attack.
Plus, now Repeater requests are not modified by JScriptor, so this functionality is broken (it worked in previous version).
ngduyquockhanh
commented
10 months ago Please send my some PoC. When I used it, I didn't encounter such problems
roman-soft
commented
9 months ago Try to solve this ctf challange by yourself: https://www.atenea-rock.zip/code/. Basically it uses obfuscated JS to calculate a checksum of input parameters. I used JScriptor to embed it and run it on every request I launched from Burp. I both used Repeater (for manual testing) and Intruder (to brute force parameters). Repeater requests are not working in current jscriptor version. Intruder ones seems to work better than in former jscriptor version but still with issues (to repro, just start an intruder job in the ctf challenge, and send requests from Repeater at the same time).
ngduyquockhanh
commented
7 months ago If you import large libary, it may get error. Let set burpsuite intruder with slow scan. You can try new version.
ngduyquockhanh
commented
7 months ago Hello @roman-soft ,
With Javet engine in new version, multi-thread problem may be resolved
Hi,
I've observed that the extension doesn't work properly in those scenarios:
In summary, I'd say the extension is not "concurrent-safe" and the extension causes "conflicts" when using different tabs/functionalities in Burp and/or several connection-threads.
Cheers, -r