Plugin broken in Burp Suite Pro v2021.2
Closed this issue ยท 10 comments
Hi! Thank you for the work on this plugin!
Unfortunately, it seems like the plugin no longer works in v2021.2 - if I send a JWT to the JSON Web Token extension, it correctly decodes the JWT and I can see the fields. However, it is not possible to modify the JWT in the text area. I can click the text area, move the cursor around, select text and the text area even automatically detects pairs of parantheses. But it is not possible to add new text or modify the existing parameters. Furthermore, the text area itself is very small, which would make editing (if it would work) quite uncomfortable as well.
Is this a general problem with v2021.2 or is my installation broken? Thank you! :)
Hi @bksec
Thanks!
This is a common problem with the rsyntax textarea and burp (since quite some time).
It however should only happen when the plugin is activated after burp was started (meaning just installed).
Can you restart burp and give me feedback if it works?
I have no burp pro to test it.
Otherwise, there might be a fix around ,see bobbylight/RSyntaxTextArea#269 (comment) - maybe ill need your help to test it ;)
Cheers
Hi @ozzi-
Thank you for your reply! The problem also persists after restarting. I've just tried the plugin in the Community Version v2021.2. Everything is fine there, so it does seem like it's a bug with the Pro version. Strange.
Happy to help with a fix! Let me know how I can help you and I'll do my best :)
Oh no portswigger what have you done? ๐
I opened a new branch with the potential hotfix:
e98fed4
Testing it on my community version, the results are promising, no restart of burp is required for the textarea to work, so I have big hopes it will work in the pro version too.
Can you please test the following jar attached:
jwt4b.zip
You can do this as following:
https://i.imgur.com/O4wW6dY.png
Looking forward to your response!
Hi @ozzi-
Good news! I just tested it and your hotfix works! The text area for editing the JWT is still quite small, but it's possible to edit the JWT now. Recalculation of the signature also works. Thank you for the super quick fix!
Side note: I'm on Burp Suite Pro v2021.2.1 now, since a new version was just released and the hotfix works there. I couldn't test it with v2021.2 before updating. The plugin without the hotfix doesn't work in the new v2021.2.1.
Thank you! :)
Thank you for your fast testing!
Can you please provide a screenshot of the text area? Then i can fix both together and create a release.
The text area size is the same as in the Community version and as in my screenshot in the first comment. I think it could be a bit wider but especially quite a bit longer, so that you can see more parameters at the same time :)
When the burp window is "reasonably" big, i get the following result:
https://i.imgur.com/1d0LQjQ.png
When the window is smaller, i can see the ratio being a bit weird:
https://i.imgur.com/ZJ979RK.png
Ill do my best - however java swing isn't my strongest skill :D
Ah, I see, I have the same behaviour. My screenshot is from the Repeater. If I close the Inspector there and make the Response part smaller, the text area gets bigger, as in your screenshots. In the Proxy it's also like in your screenshot.
Has been some time since I worked with Swing, so I can' treally give too many tips. I know it's not the easiest framework to work in ๐
I tuned the UI, it isn't perfect, but it "behaves" more useful now ;)
99e4505
https://i.imgur.com/EsMnMAO.png
Ill create a PR for portswigger!
Thanks for your help making JWT4B better ๐
Fantastic! Thank you so much! Looking forward to see the update in the offical BApp store. :D