I am trying to write a simple burp extension to capture a HTTP packet, modify it and forward it to the server. I need to do this for some security testing. I started with a code to just print the received packet. Attaching the code below, which i got from various Burp tutorials. I configured Eclipse my proxy to localhost and then ran this code. The code runs fine, Burp opens up correctly and also intercepts the packet but I cant see anything on my IDE console. Please help me out, as I am pretty new to Burp and couldn't understand much from the help available online.
package burp;
public class BurpExtender2 implements IBurpExtender, IHttpListener, IProxyListener
{
private IBurpExtenderCallbacks callbacks;
public void registerExtenderCallbacks(IBurpExtenderCallbacks callbacks)
{
helpers = callbacks.getHelpers();
callbacks.registerHttpListener(this);
}
public void processHttpMessage(int toolFlag, boolean messageIsRequest, IHttpRequestResponse messageInfo)
{
System.out.println(
(messageIsRequest ? "HTTP request to " : "HTTP response from ") +
messageInfo.getHttpService() +
" [" + callbacks.getToolName(toolFlag) + "]");
}
public void processProxyMessage(boolean messageIsRequest, IInterceptedProxyMessage message)
{
System.out.println(message);
}
}
I just want to know how i can get the intercepted packet in my Code and then forward it.
I wonder why you're trying to write a Burp extension to capture packets. Wouldn't you use a sniffer for that?
Anyway, thanks to your code, I was able to get myself started writing extensions. Here's what I found with your method processHttpMessage
" [" + callbacks.getToolName(toolFlag) + "]"
Something is buggy here, possibly in the Burp Suite (1.5.16); I couldn't manage to get getToolName to print anything even with a hardcoded int, and it's not possible to put a debugger on Burp, so I gave up.
System.out.println(
(messageIsRequest ? "HTTP request to " : "HTTP response from ") +
messageInfo.getHttpService());
System.out.println(" [callbacks.getToolName(toolFlag)] = ");
System.out.println(callbacks.getToolName(toolFlag));
Anyway, this will print to the console, but you won't see any value for toolFlag.
Related
I am trying to play Widevine encrypted content on an Android TV application using Exoplayer. I have my video URL which is served from a CDN and acquired with a ticket. I have my widevine license URL, a ticket and a auth token for the license server.
I am creating a drmSessionManager, putting the necessary headers needed by the license server as follows:
UUID drmSchemeUuid = C.WIDEVINE_UUID;
mediaDrm = FrameworkMediaDrm.newInstance(drmSchemeUuid);
static final String USER_AGENT = "user-agent";
HttpMediaDrmCallback drmCallback = new HttpMediaDrmCallback("my-license-server", new DefaultHttpDataSourceFactory(USER_AGENT));
keyRequestProperties.put("ticket-header", ticket);
keyRequestProperties.put("token-header", token);
drmCallback.setKeyRequestProperty("ticket-header", ticket);
drmCallback.setKeyRequestProperty("token-header", token);
new DefaultDrmSessionManager(drmSchemeUuid, mediaDrm, drmCallback, keyRequestProperties)
After this Exoplayer handles most of the stuff, the following breakpoints are hit.
response = callback.executeKeyRequest(uuid, (KeyRequest) request);
in class DefaultDrmSession
return executePost(dataSourceFactory, url, request.getData(), requestProperties) in HttpMediaDrmCallback
I can observe that everything is fine till this point, the URL is correct, the headers are set fine.
in the following piece of code, I can observe that the dataSpec is fine, trying to POST a request to the license server with the correct data, but when making the connection the response code returns 405.
in class : DefaultHttpDataSource
in method : public long open(DataSpec dataSpec)
this.dataSpec = dataSpec;
this.bytesRead = 0;
this.bytesSkipped = 0;
transferInitializing(dataSpec);
try {
connection = makeConnection(dataSpec);
} catch (IOException e) {
throw new HttpDataSourceException("Unable to connect to " + dataSpec.uri.toString(), e,
dataSpec, HttpDataSourceException.TYPE_OPEN);
}
try {
responseCode = connection.getResponseCode();
responseMessage = connection.getResponseMessage();
} catch (IOException e) {
closeConnectionQuietly();
throw new HttpDataSourceException("Unable to connect to " + dataSpec.uri.toString(), e,
dataSpec, HttpDataSourceException.TYPE_OPEN);
}
When using postman to make a request to the URL, a GET request returns the following body with a response code of 405.
{
"Message": "The requested resource does not support http method 'GET'." }
a POST request also returns response code 405 but returns an empty body.
In both cases the following header is also returned, which I suppose the request must be accepting GET and POST requests.
Access-Control-Allow-Methods →GET, POST
I have no access to the configuration of the DRM server, and my contacts which are responsible of the DRM server tells me that POST requests must be working fine since there are clients which have managed to get the content to play from the same DRM server.
I am quite confused at the moment and think maybe I am missing some sort of configuration in exoplayer since I am quite new to the concept of DRMs.
Any help would be greatly appreciated.
We figured out the solution. The ticket supplied for the DRM license server was wrong. This works as it is supposed to now and the content is getting played. Just in case anyone somehow gets the same problem or is in need of a basic Widevine content playing code, this works fine at the moment.
Best regards.
I have a setup which uses the ESP8266 12E and it opens a web server at a specific port 200. I have used the port forwarding to route the incoming data to this server .And I have used the duckdns to register the IP and call the duckdns domain to trigger the ESP.
This works fine and I am able to trigger using the following
http://mydomain.duckdns.org:200/parseIFTTT
Using the postman tool, with the contentType as plain/text and the method as POST what ever contents I pass are getting parsed by parseIFTTT method in the ESP
void parseIFTTT() {
String message;
message += server.args();
message += "\n";
for (uint8_t i = 0; i < server.args(); i++) {
message += " " + server.argName(i) + ": " + server.arg(i) + "\n";
}
Serial.println(message);
server.send(200, "text/plain", "Success");
}
But when tried to integrate with IFTTT for any Facebook or gmail events, I am not able to parse the data from IFTTT.
The request goes to ESP8266 but the request data I am not able to parse.
The following is the request :
URL : http://mydomain.duckdns.org:200/parseIFTTT
Method : POST
Content Type: text/plain
Body : {{Message}}
In the body I have just added the {{Message}} only. In the serial monitor I get the op as blank
1
plain:
I found the issue after a lot of debugging.
The esp8266\hardware\esp8266\2.2.0\libraries\ESP8266WebServer\src\Parsing.cpp
in the core library for the Http server was using the 'Content-Length' and IFTTT was sending the request header with name as "content-length' and hence the content length was not retrieved and the parsed data was not retrieved.
Not sure whether its an issue with the IFTTT where they send this as a lower cased value.
I'm writing my own SignalR Client on Java and I'm facing some troubles.
At first I want to implement PersistentConnection logic. My server code is taken from example:
public class Battle : PersistentConnection
{
protected override Task OnConnectedAsync(IRequest request, string connectionId)
{
return Connection.Broadcast("Connection " + connectionId + " connected");
}
protected override Task OnReconnectedAsync(IRequest request, IEnumerable<string> groups, string clientId)
{
return Connection.Broadcast("Client " + clientId + " re-connected");
}
protected override Task OnReceivedAsync(IRequest request, string connectionId, string data)
{
// return Connection.Broadcast("Connection " + connectionId + " sent ");
return Connection.Send(connectionId, "Connection " + connectionId + " sent ");
}
protected override Task OnDisconnectAsync(string connectionId)
{
return Connection.Broadcast("Connection " + connectionId + " disconncted");
}
protected override Task OnErrorAsync(Exception error)
{
return Connection.Broadcast("Error occured " + error);
}
}
Judging by .NET client code, I understood that in order to connect to server client should:
1) Send request to http://myserver/battle/negotiate and get ConnectionId from response
2) Send request to http://myserver/battle/connect?transport=longPolling&connectionId=<received_connection_id>
My question is waht should client do to maintain connection? How should it listen to server broadcasting messages?
Another issue is that I receive no response when I'm trying to send message from client to server after connection has been established. I send request to http://myserver/battle/send?transport=longPolling&connectionId=<received_connection_id>. Method OnReceivedAsync is always called, but I get no response (independently of data sent).
I'd be grateful for any explanations on my questions and on internal principles of SignalR work.
Thanks in advance.
I've tried to do the same thing that you are doing! I've implemented a SignalR-client for Android and I called it SignalA. :) Have a look at it on github.
There are several methods of communication used in SignalR. My understanding is that SignalR will use the best one it determines will work with the given connection.
The general idea behind long polling is this: The client sends a request to the server with a long timeout period. Say 2 minutes or 5 minutes. If the server has a message to send to the client, it then responds to the client request with the message. Otherwise the request will eventually timeout, at which point the client initiates a new request. So, basically, the client is nearly always in a call to the server. The server only ever answers when it has a message for the client. So the client could send the request to the server and say, 90 seconds later, the server gets a message for the client.
For more information, read the Long Polling section of this Wikipedia article: http://en.wikipedia.org/wiki/Push_technology
But for the specifics, you really need to examine the .NET code closely. Hopefully this overview will give you enough to understand what's going on there, though.
I'm trying to make a HTTP request from a Adobe Illustrator Script (this question is not really JSX-related, though) via BridgeTalk to a local Rails app using a Socket connection (as you you see — plenty that could go wrong ;) ).
Finally managed to get a request through, but the Rails app throws an error:
ERROR bad Request-Line `GET /test.json HTTP/1.1'.
Currently no special headers are sent — the set–up is pretty simple:
var connection = new Socket;
var response = '';
var host = '127.0.0.1:3000';
var path = '/test.json';
var method = 'GET';
var request = method + " " + path + " HTTP/1.1";
if (connection.open(host)) {
connection.write(request);
response = connection.read(999999);
} else {
$.writeln('Socket connection failed.');
}
connection.close();
I'm assuming that the request is illformed, but I'm not sure what's expected.
The Rails app runs on WEBrick.
Any help or hint on what Rails expects here, would be greatly appreciated.
Update
It seems that WEBrick expects a carriage return in the end of the request line: \r\n .
Unfortunately I’m using BridgeTalk to execute a piece of code within Bridge which requires me to use uneval() or toSource() on the function mentioned above. These seem to escape backslashes, converting
GET /test.json HTTP/1.1\r\n
into
GET /test.json HTTP/1.1\\r\\n
causing the same error.
Any ideas?
Took a while until I got this figured out, but as usual — “too many moving parts are making it hard to spot the problem”:
Defining the request using the encoded version of the carriage return and decoding on destination will help:
var request = decodeURI(method + " " + path + " HTTP/1.1%0d%0a");
However, it turns out that a proper request should end in \n\n not \r\n, so make this:
var request = decodeURI(method + " " + path + " HTTP/1.1%0a%0a");
Now the requests come through and now longer throw errors.
I am trying to figure out how to send an email from a Flash Mobile (smartphones: blackberries, iphones, androids) app using mxml and Flash using Flash Builder 4.6. My boss told me to find out if it is possible. So far, I have been doing a lot of searching around on the internet for an answer.
I found this website: http://www.bytearray.org/?p=27, that has some classes for sending email in flash, but #1, I don't know if they work in Mobile apps, and #2, I can't find any instructions or tutorials on how to use the classes to send a simple email.
I downloaded the package from the site and imported into my project, where I am trying to send the code. But without sample code on how to simply send an email, I am not entirely sure what all do, and nor am I sure how to determine things like what port number to construct the SMTPMailer object (the SMTPMailer object is included in that package, and it takes a host string and a port number integer in it's constructor), right now I am trying 80 or 8080 for the port number, and I've tried localhost and one of our server computers, 198.162.1.109 for the host.
Anyway, I keep getting this error: Error #2044: Unhandled IOErrorEvent:. text=Error #2031: Socket Error.
Here is some of my sample code:
[Bindable]
private var mailer : SMTPMailer;
private function init() : void {
tbPass.displayAsPassword = true;
}
protected function btnClick_email(toAddress : String, fromAddress : String, pass : String) : void {
mailer = new SMTPMailer("198.168.1.109", 8080);
mailer.addEventListener(SMTPEvent.MAIL_SENT, onMailSent);
mailer.addEventListener(SMTPEvent.MAIL_ERROR, onMailError);
mailer.addEventListener(SMTPEvent.CONNECTED, onConnected);
mailer.addEventListener(SMTPEvent.DISCONNECTED, onDisconnected);
mailer.connect("hotmail.com", 8080);
mailer.authenticate(toAddress, pass);
mailer.sendHTMLMail(fromAddress, toAddress, "Subect", "Message");
}
private function onMailSent() : void {
lblEmailResult.text = "Sent Mail";
}
private function onMailError() : void {
lblEmailResult.text = "Error";
}
private function onConnected() : void {
lblEmailResult.text = "Connected";
}
private function onDisconnected() : void {
lblEmailResult.text = "Disconnected";
}
I would suggest using a back-end service to send emails, it is same as connecting to a SMTP mail server but it is more flexible.
That being said, it should work, the error you are getting is related to your host IP, are you sure you have SMTP server running on "198.168.1.109:8080"?
First check if you can send mails from it before trying to do it trough Flex, if that is OK, then you should double check socket policy files:
http://www.adobe.com/devnet/flashplayer/articles/socket_policy_files.html
Hope that helps
Can't you just use navigateToURL() for this?
Ie:
var request:URLRequest("mailto:someone#somewhere.com");
navigateToURL(request);
That's all - 2 lines :)
I've accomplished this in a commercial app I worked on. We used a native extension found in distriqt's set of tools. Google them. The full suite of tools is cheap, though if you have any issues, do not expect a quick reply. Their message tool is what you are looking for, and it is easy to use.