Closed JohnPeng47 closed 4 years ago
hd
,sha256sum
)available in your PATH? I just tested this with the latest Burp (2020.4, also used for a while with prev versions) and the plugin from the BApp Store and it works as expected.
Piper was developed way after v2.0 and I actually never even tried using it with anything prior to v2.0. What OS are you using? Also, try enabling developer mode (check the only checkbox on the Developer
tab of the Piper UI) and then click on the Message Viewer tabs, execute Commentators that doesn't seem to work. If there's a problem while executing the commands, Piper will log this in developer mode to the window in Extender
> Extensions
> (select Piper
in the list) > Errors
tab
Ahh looks like its my bad, didn't have the tools in my PATH. Is there a way to configure Piper to look for the binaries without setting system environment? Working on a laptop right now which I don't have local admin access to.
Thanks for the feedback, it's probably a good idea to display a helpful error message in the message editor for such cases, anyway. :)
I think all modern OS's allow you to set the PATH as a normal user for your current session:
export PATH=$PATH:/path/to/binaries/
Windows: https://superuser.com/a/25038/686884
Also, I believe when you edit the command (Piper tab / double click on entry / Command Edit...) you can specify full paths for the binaries.
you can specify full paths for the binaries
Just to confirm: yes you can, I usually do that for project-specific one-off impromptu scripts
Thought that this tool was pretty interesting, but was not able to get the Commentator and MessageViewer plugins working for the latest professional Burp build. When I select a group of Proxy History items and tried to comment them with the SHA-256 commentator plugin, nothing appeared in the comments section and no debug/error messages were logged in the Extender. Similar results with the hd MessageViewer plugin, where no output is displayed.
Wondering if this is because Burp made some API changes during their upgrade to v2.0, and Piper has not yet implemented those changes in source?