nvssks · July 12, 2019 12:39
diff --git a/burp-track-token.py b/burp-track-token.py
 from burp import IBurpExtender
 from burp import IHttpListener
 from burp import ISessionHandlingAction

 from burp import IBurpExtender
 from burp import ISessionHandlingAction
 from burp import IBurpExtenderCallbacks

 __DEBUG__ = False

 class BurpExtender(IBurpExtender, ISessionHandlingAction):
    auth_token=''
    def registerExtenderCallbacks(self, callbacks):
        self._callbacks = callbacks
        self._helpers = self._callbacks.getHelpers()
        self._callbacks.setExtensionName('Track Token')
        self._callbacks.registerSessionHandlingAction(self)
        self._callbacks.registerHttpListener(self)
        print '[*] Track Token'

    def getActionName(self):
        return 'Track Token'

    def performAction(self, currentRequest, macroItems):
        request=currentRequest.getRequest()
        request_info=self._helpers.analyzeRequest(request)

        if self.auth_token:
            headers=request_info.getHeaders()
            for head in headers:
                if 'X-AUTH' in head:
                    headers.remove(head)
                    headers.add(self.auth_token)
                    print "[+] Header Updated to: " + self.auth_token if __DEBUG__ else None
                    new_request = self._helpers.buildHttpMessage(headers, request[request_info.getBodyOffset():])
                    currentRequest.setRequest(new_request)
        else:
            print '[-] Need a token'

    def processHttpMessage(self, toolFlag, messageIsRequest, currentMessage):
        # Operate on all tools other than the proxy
        if toolFlag != self._callbacks.TOOL_SUITE:
            if messageIsRequest:n
                self.processRequest(currentMessage)
            else:
                pass
                #self.processResponse(currentMessage)

    def processRequest(self, currentMessage):
        request = currentMessage.getRequest()
        request_info = self._helpers.analyzeRequest(request)
        requestBody = self._helpers.bytesToString(request[request_info.getBodyOffset():])
        headers=request_info.getRequest()
        for head in headers:
            if 'X-AUTH' in head:
                self.auth_token=head
                print '[+] Got Token:',head if __DEBUG__ else None
	from burp import IBurpExtender
	from burp import IHttpListener
	from burp import ISessionHandlingAction

	from burp import IBurpExtender
	from burp import ISessionHandlingAction
	from burp import IBurpExtenderCallbacks

	__DEBUG__ = False

	class BurpExtender(IBurpExtender, ISessionHandlingAction):
	auth_token=''
	def registerExtenderCallbacks(self, callbacks):
	self._callbacks = callbacks
	self._helpers = self._callbacks.getHelpers()
	self._callbacks.setExtensionName('Track Token')
	self._callbacks.registerSessionHandlingAction(self)
	self._callbacks.registerHttpListener(self)
	print '[*] Track Token'

	def getActionName(self):
	return 'Track Token'

	def performAction(self, currentRequest, macroItems):
	request=currentRequest.getRequest()
	request_info=self._helpers.analyzeRequest(request)

	if self.auth_token:
	headers=request_info.getHeaders()
	for head in headers:
	if 'X-AUTH' in head:
	headers.remove(head)
	headers.add(self.auth_token)
	print "[+] Header Updated to: " + self.auth_token if __DEBUG__ else None
	new_request = self._helpers.buildHttpMessage(headers, request[request_info.getBodyOffset():])
	currentRequest.setRequest(new_request)
	else:
	print '[-] Need a token'

	def processHttpMessage(self, toolFlag, messageIsRequest, currentMessage):
	# Operate on all tools other than the proxy
	if toolFlag != self._callbacks.TOOL_SUITE:
	if messageIsRequest:n
	self.processRequest(currentMessage)
	else:
	pass
	#self.processResponse(currentMessage)

	def processRequest(self, currentMessage):
	request = currentMessage.getRequest()
	request_info = self._helpers.analyzeRequest(request)
	requestBody = self._helpers.bytesToString(request[request_info.getBodyOffset():])
	headers=request_info.getRequest()
	for head in headers:
	if 'X-AUTH' in head:
	self.auth_token=head
	print '[+] Got Token:',head if __DEBUG__ else None