Burp Suite Extension Development

  1. Unleashing the Full Potential of Burp Suite with Extension Development for Enhanced Penetration Testing - Jagdish Jogal, 29-01-2023, AMA, Ahmedabad
  2. Agenda
     ● How to create a Burp Suite extension in Jython/Python that decrypts and re-encrypts complex encrypted requests and responses on the fly.
     ● After this session you will be able to design a custom methodology for your own applications, automate work, and make security testing easier by extending Burp Suite's functionality.
  3. Profile: Jagdish Jogal
     ● Team Lead at Net-Square Solutions Private Limited
     ● Expertise in web and mobile application testing, complex JS debugging, automation development for testing, etc.
     ● Twitter: @j_jogal_545 / LinkedIn: jagdish-jogal
  4. Demo of the application and the scenario: a complex application with AES encryption in requests and responses.
  5. Testing Scenario 1 (full-body encryption)
  6. Testing Scenario 2 (encryption in a parameter)
  7. Testing Scenario 3 (encryption in JSON data)
  8. Testing Scenario 4 (encryption in XML data)
  9. What you need to know
     - Python programming language
     - Some Java UI (Swing) for a custom extension UI
     - Some object-oriented programming concepts:
       - Java interface / method overriding
       - Python inheritance
  10. Java Interface / Method overriding concept
  11. Python Inheritance

      # Define the Animal class
      class Animal:
          def move(self):
              print("The animal is moving.")

      class Dog(Animal):
          # The Dog class automatically inherits the move() method from the Animal class
          pass

      # Create a Dog object and call the move() method on it
      dog = Dog()
      dog.move()  # Output: "The animal is moving."
  12. Introduction to Burp Suite API
  13. Burp Suite API documentation
      Javadoc: https://portswigger.net/burp/extender/api/
      Extender API: https://github.com/PortSwigger/burp-extender-api
  14. Burp Suite API documentation
  15. Environment Setup
      Ref: https://www.jython.org/download.html
  16. Environment Setup (Dependencies directory)
  17. Basic Implementation of a Burp Suite Extension

      from burp import IBurpExtender

      class BurpExtender(IBurpExtender):
          def registerExtenderCallbacks(self, callbacks):
              # Keep the callbacks and helpers objects: every other Burp API call goes through them
              self._callbacks = callbacks
              self._helpers = callbacks.getHelpers()
              self._callbacks.setExtensionName('I am New Extension')
              print("Hello World!")
  18. Understanding Imports
      First line: from burp import IBurpExtender
      All other interfaces our classes will implement (and therefore need to import):
      - IMessageEditorTabFactory, IMessageEditorTab
      - IIntruderPayloadGeneratorFactory, IIntruderPayloadGenerator
      - IScannerInsertionPointProvider, IScannerInsertionPoint
      - IContextMenuFactory
      - IHttpListener
      Other interfaces can be implemented through the callbacks.
  19. Other Imports
      From Python:
          from os import makedirs, path
          from array import array
          …
      From Java:
          from javax.swing import JMenu
          from javax.swing import JMenuItem
          from javax.swing import JPopupMenu
  20. Callbacks and Helpers
      Callbacks:
      - Refer to IBurpExtenderCallbacks in the documentation.
      - Used to enable functionality and to communicate between the interfaces of Burp.
      Helpers:
      - Refer to IExtensionHelpers in the documentation.
      - Include useful methods such as analyzing requests, decoding/encoding, building requests, etc.
      - Used to obtain and manipulate HTTP message data.
  21. How will we test the application shown?
      Our idea: create a custom text editor tab that shows the decrypted data at runtime and lets us modify it on the fly.
  22. Create a Custom Text Editor Tab
  23. Extension 1: Create a custom text editor tab (demo code)
  24. IHttpListener for Intruder and Scanner
  25. Extension 2: IHttpListener for Intruder and Scanner (demo code)
  26. Bonus points (very helpful)
  27. Faster debugging while developing: just Ctrl+left-click the extension's checkbox to deactivate and reactivate it, so the latest version is reloaded from file.
  28. Modify data of the full request body

      # Inside IMessageEditorTab.setMessage(self, content, isRequest)
      # Get Data:
      r = self._helpers.analyzeRequest(content)
      headers = r.getHeaders()            # list of header lines
      body = content[r.getBodyOffset():]  # raw body bytes
      # Your logic code (decrypt `body` here)
      # Return Data: rebuild the message with the original headers and the transformed body
      self.txtInput.setText(self._helpers.buildHttpMessage(headers, body))
  29. Modify data of any parameter

      # Inside IMessageEditorTab.setMessage(self, content, isRequest); the tab keeps a
      # reference to the extender so it can reach the helpers
      # Get Data:
      parameter = self._extender._helpers.getRequestParameter(content, "param_name")
      data = self._extender._helpers.urlDecode(parameter.getValue())
      # Your logic code (decrypt `data` here)
      # Return Data: write the transformed value back into the same parameter of the original request
      updated = self._extender._helpers.buildParameter(parameter.getName(),
                                                       self._extender._helpers.urlEncode(data),
                                                       parameter.getType())
      self.txtInput.setText(self._extender._helpers.updateParameter(content, updated))
  30. Modify data of any header

      # Inside IHttpListener.processHttpMessage(self, toolFlag, messageIsRequest, messageInfo)
      if messageIsRequest:
          request = messageInfo.getRequest()                # raw request bytes
          info = self._helpers.analyzeRequest(messageInfo)  # parsed view: headers and body offset
          headers = list(info.getHeaders())
          body = request[info.getBodyOffset():]
          # Basic auth carries base64("user:password"), so encode the credential
          auth = "Authorization: Basic " + self._helpers.base64Encode("admin:password")
          for i, header in enumerate(headers):
              if header.startswith("Authorization: "):
                  headers[i] = auth   # replace the existing header
                  break
          else:
              headers.append(auth)    # no Authorization header yet: add one
          messageInfo.setRequest(self._helpers.buildHttpMessage(headers, body))
  31. Get help from AI (e.g. ChatGPT)
      Ref: https://chat.openai.com/chat
  32. Show errors prettier while writing code
      Refer: https://github.com/securityMB/burp-exceptions
  33. Thank You
      Jagdish Jogal
      jagdish@net-square.com
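The "# Your logic code" step that slides 28 and 29 leave open, as an added example that is not code from the slides: plain CPython (not Jython) so it runs outside Burp, covering all four testing scenarios (full body, form parameter, JSON field, XML element), with the decrypt side intended for IMessageEditorTab.setMessage() and the re-encrypt side for getMessage(). The cipher is a labelled stand-in for the application's AES routine, and the key, field names and request bodies are constructed for the demo.

```python
# Added example (not the slides' code): the "# Your logic code" step of slides
# 28-29 for all four scenarios, as plain CPython; swap demo_* for the app's AES.
import base64, hashlib, hmac, json, struct
from urllib.parse import parse_qsl, urlencode
from xml.etree import ElementTree as ET

KEY = b"constructed-demo-key"  # placeholder; the real key comes from the app
def _keystream_xor(key, data):
    """Stand-in for AES: XOR with an HMAC-SHA256 keystream (demo only)."""
    stream, ctr = bytearray(), 0
    while len(stream) < len(data):
        stream += hmac.new(key, struct.pack(">I", ctr), hashlib.sha256).digest()
        ctr += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def demo_encrypt(plain):  # str -> base64 text, the form the app sends
    return base64.b64encode(_keystream_xor(KEY, plain.encode())).decode()
def demo_decrypt(blob):  # base64 text -> str
    return _keystream_xor(KEY, base64.b64decode(blob)).decode()

# Each transform locates the encrypted value in its layout and applies fn to it.
def transform_param(body, name, fn):  # scenario 2: form-encoded parameter
    pairs = parse_qsl(body, keep_blank_values=True)
    return urlencode([(k, fn(v) if k == name else v) for k, v in pairs])

def transform_json(body, key, fn):  # scenario 3: top-level JSON field
    doc = json.loads(body)
    doc[key] = fn(doc[key])
    return json.dumps(doc)

def transform_xml(body, tag, fn):  # scenario 4: text of every <tag>
    root = ET.fromstring(body)
    for el in root.iter(tag):
        el.text = fn(el.text or "")
    return ET.tostring(root, encoding="unicode")

TRANSFORMS = {"body": lambda b, _n, fn: fn(b),  # scenario 1: whole body
              "param": transform_param, "json": transform_json, "xml": transform_xml}
def to_tab(scenario, body, name=None):  # IMessageEditorTab.setMessage(): decrypt
    return TRANSFORMS[scenario](body, name, demo_decrypt)
def from_tab(scenario, edited, name=None):  # getMessage(): re-encrypt the edit
    return TRANSFORMS[scenario](edited, name, demo_encrypt)

def sample_bodies(secret='{"user":"alice","role":"user"}'):
    """Constructed bodies, one per scenario: {scenario: (body, name)}."""
    enc = demo_encrypt(secret)
    return {"body": (enc, None),
            "param": (urlencode([("id", "7"), ("data", enc)]), "data"),
            "json": (json.dumps({"id": 7, "data": enc}), "data"),
            "xml": ("<req><id>7</id><data>%s</data></req>" % enc, "data")}
```

Round-tripping an unedited tab through to_tab() and from_tab() must reproduce the original body exactly, otherwise Burp would resend a request the application can no longer decrypt; the sample bodies exercise that check for every layout.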

Editor's notes

  • This is me on Twitter at j_jogal_545
  • Image needs to be added here of the full body selected
  • Image needs to be added here of just one parameter selected
    And add the code
  • Image needs to be added here of just the header selected
    And add the code
  • Image needs to be added here of just the header selected
    And add the code
