Burp bug report

Burp Suite Version: burpsuite_community_v2024.4.5

I have two legacy extenders written in Python named extender-a.py and extender-b.py. The difference between these two extenders lies in their extension names and URL matching rules. Here is the source code for the two extensions:

# extender-a.py
from burp import IBurpExtender
from burp import IHttpListener
from burp import IProxyListener


class BurpExtender(IBurpExtender, IProxyListener, IHttpListener):
    def	registerExtenderCallbacks(self, callbacks):
        self._callbacks = callbacks
        self._helpers = callbacks.getHelpers()
        callbacks.setExtensionName('extender-a')
        callbacks.registerProxyListener(self)


    def processProxyMessage(self, messageIsRequest, message):
        messageInfo = message.getMessageInfo()
        url = self._helpers.analyzeRequest(messageInfo).getUrl().toString()
        if messageIsRequest:
            if 'aaa' in url:
                print('Dropping url:',  url)
                message.setInterceptAction(message.ACTION_DROP)

# extender-b.py
from burp import IBurpExtender
from burp import IHttpListener
from burp import IProxyListener


class BurpExtender(IBurpExtender, IProxyListener, IHttpListener):
    def registerExtenderCallbacks(self, callbacks):
        self._callbacks = callbacks
        self._helpers = callbacks.getHelpers()
        callbacks.setExtensionName('extender-b')
        callbacks.registerProxyListener(self)


    def processProxyMessage(self, messageIsRequest, message):
        messageInfo = message.getMessageInfo()
        url = self._helpers.analyzeRequest(messageInfo).getUrl().toString()
        if messageIsRequest:
            if 'bbb' in url:
                print('Dropping url:',  url)
                message.setInterceptAction(message.ACTION_DROP)

Each extension works fine when used alone. However, when both extensions are loaded simultaneously, one of them does not function properly.

Here is my test command and some output text:

➜  ~ curl -x 127.0.0.1:8080 http://httpbin.org/aaa
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<title>404 Not Found</title>
<h1>Not Found</h1>
<p>The requested URL was not found on the server.  If you entered the URL manually please check your spelling and try again.</p>

➜  ~ curl -x 127.0.0.1:8080 http://httpbin.org/bbb
<html><head><title>Burp Suite Community Edition</title>
<style type="text/css">
body { background: #dedede; font-family: Arial, sans-serif; color: #404042; -webkit-font-smoothing: antialiased; }
#container { padding: 0 15px; margin: 10px auto; background-color: #ffffff; }
a { word-wrap: break-word; }
a:link, a:visited { color: #e06228; text-decoration: none; }
a:hover, a:active { color: #404042; text-decoration: underline; }
h1 { font-size: 1.6em; line-height: 1.2em; font-weight: normal; color: #404042; }
h2 { font-size: 1.3em; line-height: 1.2em; padding: 0; margin: 0.8em 0 0.3em 0; font-weight: normal; color: #404042;}
.title, .navbar { color: #ffffff; background: #e06228; padding: 10px 15px; margin: 0 -15px 10px -15px; overflow: hidden; }
.title h1 { color: #ffffff; padding: 0; margin: 0; font-size: 1.8em; }
div.navbar {position: absolute; top: 18px; right: 25px;}
div.navbar ul {list-style-type: none; margin: 0; padding: 0;}
div.navbar li {display: inline; margin-left: 20px;}
div.navbar a {color: white; padding: 10px}
div.navbar a:hover, div.navbar a:active {text-decoration: none; background: #404042;}
</style>
</head>
<body>
<div id="container">
<div class="title"><h1>Burp Suite Community Edition</h1></div>
<h1>Error</h1><p>Request&#32;was&#32;dropped&#32;by&#32;Burp&#32;extension&#46;</p>
<p>&nbsp;</p>
</div>
</body>
</html>

note

中国移动App熊猫乐园Token获取上一篇

折腾Burp字体设置下一篇