
Create a Custom Plugin in Burp Suite using the Extension


  1. Create a Custom Plugin in Burp Suite using the Extension
     Lakshman Garkini, 29-01-2023, AMA, Ahmedabad

  2. Introduction and Agenda
     ● Advantages of using this extension
     ● Block Diagram
     ● Requirements
     ● Server
     ● Implement Request & Response functions
     ● ServerHelper functions
     ● Demo

  3. Advantages of using this extension
     ● It is capable of modifying the Request and Response on the fly
     ● For the creation of a Custom Plugin, you need to know either
       ○ Python
       ○ JavaScript

  4. Block Diagram

  5. Requirements
     ● Server
       ○ Python3
       ○ Pyro4 (pip3 install Pyro4)
       ○ NodeJS (Optional)
     ● Client
       ○ Jython Standalone Jar

  6. Server
     ● To run the server on a custom host (192.168.0.109)
       ○ python3 burp_server.py -H 192.168.0.109
     ● To run the server on a custom port (9090)
       ○ python3 burp_server.py -p 9090

  7. Implement Request & Response functions

     | Python / JS functions | Parameter |
     |---|---|
     | request | 2 Parameters. 1st Param: Request; 2nd Param: Request Payload |
     | response | 4 Parameters. 1st Param: Request; 2nd Param: Request Payload; 3rd Param: Response; 4th Param: Response Payload |

  8. ServerHelper functions

     | Python / JS functions | Parameter | Description |
     |---|---|---|
     | setQS | 1 Parameter: Request / Response (copy from burp suite extension) | Sets the Request/Response for development |
     | getHeaders | 1 Parameter: Request / Response | Returns HTTP request / response headers |
     | putHeader | 3 Parameters. 1st Param: Key; 2nd Param: Value; 3rd Param: Request / Response | Puts header in the HTTP request / response |
     | getBody | 1 Parameter: Request / Response | Returns HTTP request / response body |
     | appendResponsePayload | 2 Parameters. 1st Param: Payload; 2nd Param: Response | Append Payload to the HTTP response and returns appended HTTP response |

  9. DEMO
     ● Overview of Bank Web Application
     ● Coding of a Custom Plugin
       ○ Decryption of Request in JavaScript
       ○ Decryption of Response in Python
       ○ Encryption of Request in Python
       ○ Encryption of Response in Python
     ● Creation of a Custom Plugin in Burp Suite
     ● How to use Custom Plugin in
       ○ Repeater
       ○ Intruder
       ○ Intercept

  10. Thank You
      Lakshman Garkini, lakshman@net-square.com
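
The request hook from slide 7 combined with the helper functions from slide 8, as an added example that is not code from the slides or from the extension. The helpers are local stand-ins with assumed behaviour (raw HTTP strings in, modified message out), base64 stands in for the bank application's unspecified encryption, and `encrypt_request` is a hypothetical name so both directions fit in one file.

```python
import base64

# Stand-ins for the ServerHelper functions named on slide 8, so this runs
# offline. Assumption: messages are raw HTTP strings with CRLF line endings.
def getHeaders(msg):
    return msg.split("\r\n\r\n", 1)[0].split("\r\n")

def getBody(msg):
    return msg.partition("\r\n\r\n")[2]

def putHeader(key, value, msg):
    head, _, body = msg.partition("\r\n\r\n")
    lines = head.split("\r\n")
    # Replace an existing header of the same name (case-insensitive), else append.
    kept = [lines[0]] + [l for l in lines[1:]
                         if l.split(":", 1)[0].strip().lower() != key.lower()]
    kept.append(f"{key}: {value}")
    return "\r\n".join(kept) + "\r\n\r\n" + body

def _with_body(msg, body):
    # Swap the body and keep Content-Length equal to the new byte length.
    head = msg.partition("\r\n\r\n")[0]
    return putHeader("Content-Length", str(len(body.encode())), head + "\r\n\r\n" + body)

# Base64 stands in for the application's encryption (not specified in the slides).
def request(req, payload):
    """Decode direction: expose the readable body. `payload` is unused here."""
    plain = base64.b64decode(getBody(req)).decode()
    return _with_body(req, plain)

def encrypt_request(req, payload):
    """Encode direction (hypothetical name): re-wrap the edited body before sending."""
    wrapped = base64.b64encode(getBody(req).encode()).decode()
    return _with_body(req, wrapped)

# Constructed sample request for a made-up host; not taken from the demo application.
PLAIN = '{"to":"1002","amount":"50"}'
_ENC = base64.b64encode(PLAIN.encode()).decode()
SAMPLE = ("POST /transfer HTTP/1.1\r\nHost: bank.example\r\n"
          f"Content-Length: {len(_ENC)}\r\n\r\n{_ENC}")

if __name__ == "__main__":
    print(request(SAMPLE, None))
```

The detail to carry into a real plugin is the Content-Length update: decrypting or re-encrypting the body changes its byte length, and a stale header can make the server truncate the request or wait for more data.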
