pathetiq / burpsmartbuster Goto Github PK
View Code? Open in Web Editor NEWA Burp Suite content discovery plugin that add the smart into the Buster!
License: MIT License
A Burp Suite content discovery plugin that add the smart into the Buster!
License: MIT License
I believe I have all the required packages installed and the paths are correct, but I get this error in BS when trying to add the extension:
java.lang.IllegalArgumentException: Cannot create PyString with non-byte value
at org.python.core.PyString.(PyString.java:64)
at org.python.core.PyString.(PyString.java:70)
at org.python.core.PySyntaxError.(PySyntaxError.java:33)
at org.python.core.ParserFacade.fixParseError(ParserFacade.java:95)
at org.python.core.ParserFacade.parse(ParserFacade.java:190)
at org.python.core.Py.compile_flags(Py.java:1956)
at org.python.core.builtin.execfile_flags(builtin.java:527)
at org.python.util.PythonInterpreter.execfile(PythonInterpreter.java:286)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at burp.roe.(Unknown Source)
at burp.prg.a(Unknown Source)
at burp.hdc.run(Unknown Source)
at java.lang.Thread.run(Thread.java:745)
According to this, it may be a known bug in Jython http://stackoverflow.com/questions/30545083/jython-test-to-prevent-exception-cannot-create-pystring-with-non-byte-value
Hi dude,
Firstly, thanks for your work. Secondly I do have a problem installing this one unfortuantelly.
So, I got followed your steps and everything decribed bellow was recorded with a Kali r2 2016, fully updated.
That being said here's what's happening trying to make your extension working( beautifulsoup and requests were already installed with my system)
Accordign with your wiki:
"
Prerequisite:
Install Jython 2.7
Inside Jython (using pip from jython bin folder) install:
git clone https://github.com/sloria/TextBlob.git
git branch tag/0.11.1
[apt-get install python-beautifulsoup]
[apt-get install python-request]
pip install tld
"
My steps:
root@kali2016r2:/jython2.7.0# cd TextBlob//jython2.7.0/TextBlob# git branch tag/0.11.1
root@kali2016r2:
root@kali2016r2:~/jython2.7.0/bin# ./pip install tld
Downloading/unpacking tld
Downloading tld-0.7.6-py2.py3-none-any.whl (147kB): 147kB downloaded
Downloading/unpacking six>=1.4 (from tld)
Downloading six-1.10.0-py2.py3-none-any.whl
Installing collected packages: tld, six
Successfully installed tld six
Cleaning up...
The py file was modified accordingly:
sys.path.append("/usr/local/lib/python2.7/site-packages")
sys.path.append("/usr/lib/python2.7/dist-packages/nltk")
sys.path.append("~/jython2.7.0/TextBlob")
Traceback (most recent call last):
File "/root/Desktop/burp_suite/BurpSmartBuster/BurpSmartBuster.py", line 44, in
from tld import get_tld
ImportError: No module named tld
at org.python.core.Py.ImportError(Py.java:328)
at org.python.core.imp.import_first(imp.java:877)
at org.python.core.imp.import_module_level(imp.java:972)
at org.python.core.imp.importName(imp.java:1062)
at org.python.core.ImportFunction.__call__(__builtin__.java:1280)
at org.python.core.PyObject.__call__(PyObject.java:431)
at org.python.core.__builtin__.__import__(__builtin__.java:1232)
at org.python.core.imp.importFromAs(imp.java:1156)
at org.python.core.imp.importFrom(imp.java:1132)
at org.python.pycode._pyx1.f$0(/root/Desktop/burp_suite/BurpSmartBuster/BurpSmartBuster.py:1574)
at org.python.pycode._pyx1.call_function(/root/Desktop/burp_suite/BurpSmartBuster/BurpSmartBuster.py)
at org.python.core.PyTableCode.call(PyTableCode.java:167)
at org.python.core.PyCode.call(PyCode.java:18)
at org.python.core.Py.runCode(Py.java:1386)
at org.python.core.__builtin__.execfile_flags(__builtin__.java:535)
at org.python.util.PythonInterpreter.execfile(PythonInterpreter.java:286)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at burp.wee.<init>(Unknown Source)
at burp.aq.a(Unknown Source)
at burp.qwf.run(Unknown Source)
at java.lang.Thread.run(Thread.java:745)
Any ideas?
Thanks!
Good morning! Using Jython2.7 and sys.path.append("/root/jython2.7.0/Lib/site-packages") ... can't seem to get this imported. Thanks!
at org.python.core.imp.createFromPyClass(imp.java:236)
at org.python.core.imp.createFromPyClass(imp.java:205)
at org.python.core.imp.loadFromSource(imp.java:651)
at org.python.core.imp.find_module(imp.java:543)
at org.python.core.PyModule.impAttr(PyModule.java:106)
at org.python.core.imp.import_next(imp.java:842)
at org.python.core.imp.import_logic(imp.java:904)
at org.python.core.imp.import_module_level(imp.java:978)
at org.python.core.imp.importName(imp.java:1062)
at org.python.core.ImportFunction.__call__(__builtin__.java:1280)
at org.python.core.PyObject.__call__(PyObject.java:431)
at org.python.core.__builtin__.__import__(__builtin__.java:1232)
at org.python.core.imp.importAll(imp.java:1182)
at nltk.corpus.reader$py.f$0(/root/jython2.7.0/Lib/site-packages/nltk/corpus/reader/__init__.py:111)
at nltk.corpus.reader$py.call_function(/root/jython2.7.0/Lib/site-packages/nltk/corpus/reader/__init__.py)
at org.python.core.PyTableCode.call(PyTableCode.java:167)
at org.python.core.PyCode.call(PyCode.java:18)
at org.python.core.imp.createFromCode(imp.java:436)
at org.python.core.imp.createFromPyClass(imp.java:236)
at org.python.core.imp.createFromPyClass(imp.java:205)
at org.python.core.imp.loadFromSource(imp.java:651)
at org.python.core.imp.find_module(imp.java:543)
at org.python.core.PyModule.impAttr(PyModule.java:106)
at org.python.core.imp.import_next(imp.java:842)
at org.python.core.imp.import_logic(imp.java:904)
at org.python.core.imp.import_module_level(imp.java:978)
at org.python.core.imp.importName(imp.java:1062)
at org.python.core.ImportFunction.__call__(__builtin__.java:1280)
at org.python.core.PyObject.__call__(PyObject.java:431)
at org.python.core.__builtin__.__import__(__builtin__.java:1232)
at org.python.core.imp.importAll(imp.java:1182)
at nltk.corpus$py.f$0(/root/jython2.7.0/Lib/site-packages/nltk/corpus/__init__.py:315)
at nltk.corpus$py.call_function(/root/jython2.7.0/Lib/site-packages/nltk/corpus/__init__.py)
at org.python.core.PyTableCode.call(PyTableCode.java:167)
at org.python.core.PyCode.call(PyCode.java:18)
at org.python.core.imp.createFromCode(imp.java:436)
at org.python.core.imp.createFromPyClass(imp.java:236)
at org.python.core.imp.createFromPyClass(imp.java:205)
at org.python.core.imp.loadFromSource(imp.java:651)
at org.python.core.imp.find_module(imp.java:543)
at org.python.core.PyModule.impAttr(PyModule.java:106)
at org.python.core.imp.import_next(imp.java:842)
at org.python.core.imp.import_logic(imp.java:904)
at org.python.core.imp.import_module_level(imp.java:978)
at org.python.core.imp.importName(imp.java:1062)
at org.python.core.ImportFunction.__call__(__builtin__.java:1280)
at org.python.core.PyObject.__call__(PyObject.java:431)
at org.python.core.__builtin__.__import__(__builtin__.java:1232)
at org.python.core.imp.importFromAs(imp.java:1156)
at org.python.core.imp.importFrom(imp.java:1132)
at nltk.stem.snowball$py.f$0(/root/jython2.7.0/Lib/site-packages/nltk/stem/snowball.py:3642)
at nltk.stem.snowball$py.call_function(/root/jython2.7.0/Lib/site-packages/nltk/stem/snowball.py)
at org.python.core.PyTableCode.call(PyTableCode.java:167)
at org.python.core.PyCode.call(PyCode.java:18)
at org.python.core.imp.createFromCode(imp.java:436)
at org.python.core.imp.createFromPyClass(imp.java:236)
at org.python.core.imp.createFromPyClass(imp.java:205)
at org.python.core.imp.loadFromSource(imp.java:651)
at org.python.core.imp.find_module(imp.java:543)
at org.python.core.PyModule.impAttr(PyModule.java:106)
at org.python.core.imp.import_next(imp.java:842)
at org.python.core.imp.import_logic(imp.java:904)
at org.python.core.imp.import_module_level(imp.java:978)
at org.python.core.imp.importName(imp.java:1062)
at org.python.core.ImportFunction.__call__(__builtin__.java:1280)
at org.python.core.PyObject.__call__(PyObject.java:431)
at org.python.core.__builtin__.__import__(__builtin__.java:1232)
at org.python.core.imp.importFromAs(imp.java:1156)
at org.python.core.imp.importFrom(imp.java:1132)
at nltk.stem$py.f$0(/root/jython2.7.0/Lib/site-packages/nltk/stem/__init__.py:31)
at nltk.stem$py.call_function(/root/jython2.7.0/Lib/site-packages/nltk/stem/__init__.py)
at org.python.core.PyTableCode.call(PyTableCode.java:167)
at org.python.core.PyCode.call(PyCode.java:18)
at org.python.core.imp.createFromCode(imp.java:436)
at org.python.core.imp.createFromPyClass(imp.java:236)
at org.python.core.imp.createFromPyClass(imp.java:205)
at org.python.core.imp.loadFromSource(imp.java:651)
at org.python.core.imp.find_module(imp.java:543)
at org.python.core.PyModule.impAttr(PyModule.java:106)
at org.python.core.imp.import_next(imp.java:842)
at org.python.core.imp.import_logic(imp.java:904)
at org.python.core.imp.import_module_level(imp.java:978)
at org.python.core.imp.importName(imp.java:1062)
at org.python.core.ImportFunction.__call__(__builtin__.java:1280)
at org.python.core.PyObject.__call__(PyObject.java:431)
at org.python.core.__builtin__.__import__(__builtin__.java:1232)
at org.python.core.imp.importAll(imp.java:1182)
at nltk$py.f$0(/root/jython2.7.0/Lib/site-packages/nltk/__init__.py:184)
at nltk$py.call_function(/root/jython2.7.0/Lib/site-packages/nltk/__init__.py)
at org.python.core.PyTableCode.call(PyTableCode.java:167)
at org.python.core.PyCode.call(PyCode.java:18)
at org.python.core.imp.createFromCode(imp.java:436)
at org.python.core.imp.createFromPyClass(imp.java:236)
at org.python.core.imp.createFromPyClass(imp.java:205)
at org.python.core.imp.loadFromSource(imp.java:651)
at org.python.core.imp.find_module(imp.java:543)
at org.python.core.imp.import_next(imp.java:840)
at org.python.core.imp.import_module_level(imp.java:959)
at org.python.core.imp.importName(imp.java:1062)
at org.python.core.ImportFunction.__call__(__builtin__.java:1280)
at org.python.core.PyObject.__call__(PyObject.java:431)
at org.python.core.__builtin__.__import__(__builtin__.java:1232)
at org.python.core.imp.importOne(imp.java:1081)
at textblob.blob$py.f$0(/tmp/pycharm-packaging/textblob/textblob/blob.py:690)
at textblob.blob$py.call_function(/tmp/pycharm-packaging/textblob/textblob/blob.py)
at org.python.core.PyTableCode.call(PyTableCode.java:167)
at org.python.core.PyCode.call(PyCode.java:18)
at org.python.core.imp.createFromCode(imp.java:436)
at org.python.core.imp.createFromPyClass(imp.java:236)
at org.python.core.imp.createFromPyClass(imp.java:205)
at org.python.core.imp.loadFromSource(imp.java:651)
at org.python.core.imp.find_module(imp.java:543)
at org.python.core.PyModule.impAttr(PyModule.java:106)
at org.python.core.imp.import_next(imp.java:842)
at org.python.core.imp.import_module_level(imp.java:959)
at org.python.core.imp.importName(imp.java:1062)
at org.python.core.ImportFunction.__call__(__builtin__.java:1280)
at org.python.core.PyObject.__call__(PyObject.java:431)
at org.python.core.__builtin__.__import__(__builtin__.java:1232)
at org.python.core.imp.importFromAs(imp.java:1156)
at org.python.core.imp.importFrom(imp.java:1132)
at textblob$py.f$0(/tmp/pycharm-packaging/textblob/textblob/__init__.py:11)
at textblob$py.call_function(/tmp/pycharm-packaging/textblob/textblob/__init__.py)
at org.python.core.PyTableCode.call(PyTableCode.java:167)
at org.python.core.PyCode.call(PyCode.java:18)
at org.python.core.imp.createFromCode(imp.java:436)
at org.python.core.imp.createFromPyClass(imp.java:236)
at org.python.core.imp.createFromPyClass(imp.java:205)
at org.python.core.imp.loadFromSource(imp.java:651)
at org.python.core.imp.find_module(imp.java:543)
at org.python.core.imp.import_next(imp.java:840)
at org.python.core.imp.import_module_level(imp.java:959)
at org.python.core.imp.importName(imp.java:1062)
at org.python.core.ImportFunction.__call__(__builtin__.java:1280)
at org.python.core.PyObject.__call__(PyObject.java:431)
at org.python.core.__builtin__.__import__(__builtin__.java:1232)
at org.python.core.imp.importFromAs(imp.java:1156)
at org.python.core.imp.importFrom(imp.java:1132)
at org.python.pycode._pyx2.f$0(/root/Downloads/BurpSmartBuster/BurpSmartBuster.py:1573)
at org.python.pycode._pyx2.call_function(/root/Downloads/BurpSmartBuster/BurpSmartBuster.py)
at org.python.core.PyTableCode.call(PyTableCode.java:167)
at org.python.core.PyCode.call(PyCode.java:18)
at org.python.core.Py.runCode(Py.java:1386)
at org.python.core.__builtin__.execfile_flags(__builtin__.java:535)
at org.python.util.PythonInterpreter.execfile(PythonInterpreter.java:286)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at burp.odh.<init>(Unknown Source)
at burp.w6f.a(Unknown Source)
at burp.n1d.run(Unknown Source)
at java.lang.Thread.run(Thread.java:745)
When a directory is found scan that directory automatically.
Complete the self.fileRequest(data) inside the BurpExtender class so user can use their own wordlist.
I am not how to actually use the extension. Current setup is on a mac, jython installed, install burpsmartbuster from bapp store, and added targers to scope. refreshed the page, but no cigar ... now what?
Thanks!
Implement scanning of directories and files with the spidered words and mergedwords acquired by Spider() object
from tld import get_tld
ImportError: No module named tld
at org.python.core.Py.ImportError(Py.java:328)
at org.python.core.imp.import_first(imp.java:877)
at org.python.core.imp.import_module_level(imp.java:972)
at org.python.core.imp.importName(imp.java:1062)
at org.python.core.ImportFunction.__call__(__builtin__.java:1280)
at org.python.core.PyObject.__call__(PyObject.java:431)
at org.python.core.__builtin__.__import__(__builtin__.java:1232)
at org.python.core.imp.importFromAs(imp.java:1156)
at org.python.core.imp.importFrom(imp.java:1132)
at org.python.pycode._pyx1.f$0(C:\Users\Arbaz Hussain\Desktop\Burp New\Burp New Out of Plugins\BurpSmartBuster-master\BurpSmartBuster.py:1571)
at org.python.pycode._pyx1.call_function(C:\Users\Arbaz Hussain\Desktop\Burp New\Burp New Out of Plugins\BurpSmartBuster-master\BurpSmartBuster.py)
at org.python.core.PyTableCode.call(PyTableCode.java:167)
at org.python.core.PyCode.call(PyCode.java:18)
at org.python.core.Py.runCode(Py.java:1386)
at org.python.core.__builtin__.execfile_flags(__builtin__.java:535)
at org.python.util.PythonInterpreter.execfile(PythonInterpreter.java:286)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at burp.roe.<init>(Unknown Source)
at burp.prg.a(Unknown Source)
at burp.hdc.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
i did pip install tld ,
but still didn't worked.
raceback (most recent call last):
File "/home/ddos/Downloads/BurpSmartBuster/BurpSmartBuster.py", line 41, in
from tld import get_tld
ImportError: cannot import name get_tld
at org.python.core.Py.ImportError(Py.java:328)
at org.python.core.imp.importFromAs(imp.java:1168)
at org.python.core.imp.importFrom(imp.java:1132)
at org.python.pycode._pyx2.f$0(/home/ddos/Downloads/BurpSmartBuster/BurpSmartBuster.py:1571)
at org.python.pycode._pyx2.call_function(/home/ddos/Downloads/BurpSmartBuster/BurpSmartBuster.py)
at org.python.core.PyTableCode.call(PyTableCode.java:167)
at org.python.core.PyCode.call(PyCode.java:18)
at org.python.core.Py.runCode(Py.java:1386)
at org.python.core.__builtin__.execfile_flags(__builtin__.java:535)
at org.python.util.PythonInterpreter.execfile(PythonInterpreter.java:286)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at burp.jk.<init>(Unknown Source)
at burp.up.a(Unknown Source)
at burp.wkf.run(Unknown Source)
at java.lang.Thread.run(Thread.java:745)
While trying to import the module I have this error:
Error:
Traceback (innermost last):
(no code object) at line 0
SyntaxError: ('invalid syntax', ('/root/Tools/BurpSmartBuster/BurpSmartBuster.py', 70, 14, 'class Logger():'))
at org.python.core.parser.fixParseError(Unknown Source)
at org.python.core.parser.parse(Unknown Source)
at org.python.core.Py.compile_flags(Unknown Source)
at org.python.core.__builtin__.execfile_flags(Unknown Source)
at org.python.util.PythonInterpreter.execfile(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at burp.nk.<init>(Unknown Source)
at burp.atc.a(Unknown Source)
at burp.n0f.run(Unknown Source)
at java.lang.Thread.run(Thread.java:745)
What can be wrong?
It would be interesting for the plugin to automatically add discovered files/folders to the Burpsuite Sitemap.
From what I'm reading in the Burpsuite API, it should be possible via the addToSiteMap()
function.
After last update I'm getting this error when loading:
Traceback (most recent call last):
File "C:\Users\xpto\AppData\Roaming\BurpSuite\bapps\7044ef35fa5a49b39285e101a79bf4ae\BurpSmartBuster.py", line 61, in <module>
from tld import get_tld
File "C:\Users\xpto\AppData\Roaming\BurpSuite\bapps\7044ef35fa5a49b39285e101a79bf4ae\BappModules\tld\__init__.py", line 9, in <module>
from tld.utils import get_tld, get_tld_names, update_tld_names, Result
File "C:\Users\xpto\AppData\Roaming\BurpSuite\bapps\7044ef35fa5a49b39285e101a79bf4ae\BappModules\tld\utils.py", line 18, in <module>
from tld.exceptions import TldIOError, TldDomainNotFound, TldBadUrl
ImportError: No module named exceptions
Adding a graphic GUI tab inside Burp Suite to print out the result
RT, I've installed the tld module from requestments.
Then I tryed to load tld module in ipython, and it successed.
But when I tried to install the plugin, it made some errors.
By the way, I 've restart the burp for many times.
How could I solve the problem ?
Traceback (most recent call last):
File "D:\tools\BurpSmartBuster\BurpSmartBuster.py", line 47, in <module>
from tld import get_tld
ImportError: No module named tld
at org.python.core.Py.ImportError(Py.java:296)
at org.python.core.imp.import_first(imp.java:774)
at org.python.core.imp.import_module_level(imp.java:856)
at org.python.core.imp.importName(imp.java:936)
at org.python.core.ImportFunction.__call__(__builtin__.java:1278)
at org.python.core.PyObject.__call__(PyObject.java:373)
at org.python.core.__builtin__.__import__(__builtin__.java:1231)
at org.python.core.imp.importFromAs(imp.java:1030)
at org.python.core.imp.importFrom(imp.java:1006)
at org.python.pycode._pyx1.f$0(D:\tools\BurpSmartBuster\BurpSmartBuster.py:1558)
at org.python.pycode._pyx1.call_function(D:\tools\BurpSmartBuster\BurpSmartBuster.py)
at org.python.core.PyTableCode.call(PyTableCode.java:165)
at org.python.core.PyCode.call(PyCode.java:18)
at org.python.core.Py.runCode(Py.java:1302)
at org.python.core.__builtin__.execfile_flags(__builtin__.java:518)
at org.python.util.PythonInterpreter.execfile(PythonInterpreter.java:225)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at burp.jie.<init>(Unknown Source)
at burp.sxf.a(Unknown Source)
at burp.r5h.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Traceback (most recent call last):
File "/home/ddos/Downloads/BurpSmartBuster/BurpSmartBuster.py", line 169, in registerExtenderCallbacks
jsonfile = open(self._jsonFile)
IOError: [Errno 2] No such file or directory: 'data.json'
at org.python.core.Py.IOError(Py.java:226)
at org.python.core.io.FileIO.<init>(FileIO.java:102)
at org.python.core.PyFile.file___init__(PyFile.java:177)
at org.python.core.PyFile$exposed___new__.createOfType(Unknown Source)
at org.python.core.PyOverridableNew.new_impl(PyOverridableNew.java:12)
at org.python.core.PyType.invokeNew(PyType.java:494)
at org.python.core.PyType.type___call__(PyType.java:1706)
at org.python.core.PyType.__call__(PyType.java:1696)
at org.python.core.OpenFunction.__call__(__builtin__.java:1725)
at org.python.core.PyObject.__call__(PyObject.java:461)
at org.python.core.PyObject.__call__(PyObject.java:465)
at org.python.pycode._pyx2.registerExtenderCallbacks$5(/home/ddos/Downloads/BurpSmartBuster/BurpSmartBuster.py:183)
at org.python.pycode._pyx2.call_function(/home/ddos/Downloads/BurpSmartBuster/BurpSmartBuster.py)
at org.python.core.PyTableCode.call(PyTableCode.java:167)
at org.python.core.PyBaseCode.call(PyBaseCode.java:307)
at org.python.core.PyBaseCode.call(PyBaseCode.java:198)
at org.python.core.PyFunction.__call__(PyFunction.java:482)
at org.python.core.PyMethod.instancemethod___call__(PyMethod.java:237)
at org.python.core.PyMethod.__call__(PyMethod.java:228)
at org.python.core.PyMethod.__call__(PyMethod.java:218)
at org.python.core.PyMethod.__call__(PyMethod.java:213)
at org.python.core.PyObject._jcallexc(PyObject.java:3626)
at org.python.core.PyObject._jcall(PyObject.java:3658)
at org.python.proxies.__main__$BurpExtender$8.registerExtenderCallbacks(Unknown Source)
at burp.cjh.run(Unknown Source)
at java.lang.Thread.run(Thread.java:745)
Using BurpSuitePro on Windows 10, installed BurpSmartBuster from BApp Store.
Got errors using jython2.7.0 standalone, switched to jython2.7.1 full install after reading issue #17, also ran ...\jython2.7.1\bin\pip.exe install ps4 nltk TextBlob requests tld
which resolved several other issues.
Still unable to load BurpSmartBuster, and the error log is now cutting off the top of the error so I can't see what's wrong:
BurpSmartBusterError.txt
Versions installed:
pipVersions.txt
When scanning a root page, detect if the file is index.html index.php, etc. and test that file for prefix, suffix and extension.
I discovered this issue during a pentest where a large js file is downloaded from the server. (length 2885688 bytes). I noticed that the browser kept waiting for a response. When issuing the same request from the repeater, the response was returned successfully. Without the proxy, the js file could also be retrieved via the browser.
Inspecting the issue with Wireshark showed me that the request was issued from Burp to the server and the response was received by my machine and thus by burp. After looking at Burp configs I decided to disable all extensions. This narrowed the problem down to this particular extension. I don't know why the extension inhibits the response from reaching the browser through the proxy. If I have some time I will try to recreate the issue with the error output from Burp.
Burp Free 1.7.03
Jython 2.5.3 (, Jun 20 2016, 07:22:31)
[OpenJDK Server VM (Oracle Corporation)] on java1.7.0_91
Error via load:
SyntaxError: ("mismatched input 'as' expecting COLON", ('/opt/BurpSmartBuster/BurpSmartBuster.py', 355, 29, ' except Exception as e:\n'))
at org.python.core.ParserFacade.fixParseError(ParserFacade.java:92)
at org.python.core.ParserFacade.parse(ParserFacade.java:186)
at org.python.core.Py.compile_flags(Py.java:1709)
at org.python.core.__builtin__.execfile_flags(__builtin__.java:514)
at org.python.util.PythonInterpreter.execfile(PythonInterpreter.java:225)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at burp.nk.<init>(Unknown Source)
at burp.atc.a(Unknown Source)
at burp.n0f.run(Unknown Source)
at java.lang.Thread.run(Thread.java:745)
OS: Kali Rolling
Burp: 1.7.27 Pro
BurpSmartBuster: Install via BApp Store
Jython Standalone:
2.7.0 (http://search.maven.org/remotecontent?filepath=org/python/jython-standalone/2.7.0/jython-standalone-2.7.0.jar) or
2.7.1 (https://repo1.maven.org/maven2/org/python/jython-standalone/2.7.1/jython-standalone-2.7.1.jar)
Errorlog:
Traceback (most recent call last):
File "/root/.BurpSuite/bapps/7044ef35fa5a49b39285e101a79bf4ae/BurpSmartBuster.py", line 61, in <module>
from tld import get_tld
File "/root/.BurpSuite/bapps/7044ef35fa5a49b39285e101a79bf4ae/BappModules/tld/__init__.py", line 9, in <module>
from tld.utils import get_tld, get_tld_names, update_tld_names, Result
File "/root/.BurpSuite/bapps/7044ef35fa5a49b39285e101a79bf4ae/BappModules/tld/utils.py", line 18, in <module>
from tld.exceptions import TldIOError, TldDomainNotFound, TldBadUrl
ImportError: No module named exceptions
at org.python.core.Py.ImportError(Py.java:334)
at org.python.core.imp.import_logic(imp.java:913)
at org.python.core.imp.import_module_level(imp.java:970)
at org.python.core.imp.importName(imp.java:1057)
at org.python.core.ImportFunction.__call__(__builtin__.java:1280)
at org.python.core.PyObject.__call__(PyObject.java:450)
at org.python.core.__builtin__.__import__(__builtin__.java:1232)
at org.python.core.imp.importFromAs(imp.java:1149)
at org.python.core.imp.importFrom(imp.java:1124)
at tld.utils$py.f$0(/root/.BurpSuite/bapps/7044ef35fa5a49b39285e101a79bf4ae/BappModules/tld/utils.py:143)
at tld.utils$py.call_function(/root/.BurpSuite/bapps/7044ef35fa5a49b39285e101a79bf4ae/BappModules/tld/utils.py)
at org.python.core.PyTableCode.call(PyTableCode.java:171)
at org.python.core.PyCode.call(PyCode.java:18)
at org.python.core.imp.createFromCode(imp.java:436)
at org.python.core.imp.createFromSource(imp.java:396)
at org.python.core.imp.loadFromSource(imp.java:664)
at org.python.core.imp.find_module(imp.java:551)
at org.python.core.PyModule.impAttr(PyModule.java:111)
at org.python.core.imp.import_next(imp.java:840)
at org.python.core.imp.import_logic(imp.java:905)
at org.python.core.imp.import_module_level(imp.java:970)
at org.python.core.imp.importName(imp.java:1057)
at org.python.core.ImportFunction.__call__(__builtin__.java:1280)
at org.python.core.PyObject.__call__(PyObject.java:450)
at org.python.core.__builtin__.__import__(__builtin__.java:1232)
at org.python.core.imp.importFromAs(imp.java:1149)
at org.python.core.imp.importFrom(imp.java:1124)
at tld$py.f$0(/root/.BurpSuite/bapps/7044ef35fa5a49b39285e101a79bf4ae/BappModules/tld/__init__.py:9)
at tld$py.call_function(/root/.BurpSuite/bapps/7044ef35fa5a49b39285e101a79bf4ae/BappModules/tld/__init__.py)
at org.python.core.PyTableCode.call(PyTableCode.java:171)
at org.python.core.PyCode.call(PyCode.java:18)
at org.python.core.imp.createFromCode(imp.java:436)
at org.python.core.imp.createFromSource(imp.java:396)
at org.python.core.imp.loadFromSource(imp.java:664)
at org.python.core.imp.find_module(imp.java:551)
at org.python.core.imp.import_next(imp.java:838)
at org.python.core.imp.import_module_level(imp.java:957)
at org.python.core.imp.importName(imp.java:1057)
at org.python.core.ImportFunction.__call__(__builtin__.java:1280)
at org.python.core.PyObject.__call__(PyObject.java:450)
at org.python.core.__builtin__.__import__(__builtin__.java:1232)
at org.python.core.imp.importFromAs(imp.java:1149)
at org.python.core.imp.importFrom(imp.java:1124)
at org.python.pycode._pyx6.f$0(/root/.BurpSuite/bapps/7044ef35fa5a49b39285e101a79bf4ae/BurpSmartBuster.py:1819)
at org.python.pycode._pyx6.call_function(/root/.BurpSuite/bapps/7044ef35fa5a49b39285e101a79bf4ae/BurpSmartBuster.py)
at org.python.core.PyTableCode.call(PyTableCode.java:171)
at org.python.core.PyCode.call(PyCode.java:18)
at org.python.core.Py.runCode(Py.java:1614)
at org.python.core.__builtin__.execfile_flags(__builtin__.java:535)
at org.python.util.PythonInterpreter.execfile(PythonInterpreter.java:286)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at burp.gqh.<init>(Unknown Source)
at burp.b0g.a(Unknown Source)
at burp.kpe.run(Unknown Source)
at java.lang.Thread.run(Thread.java:745)
Any ideas on how to resolve this?
In the RequestorWorker object when an item exist, verify the 404 code of the Requestor() object to add a note if the item that has been found might be a false positive or not.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.