thomaspatzke · February 2, 2015 11:19
diff --git a/Burp-SessionHandlingActionReplaceIDInResponse.py b/Burp-SessionHandlingActionReplaceIDInResponse.py
 from burp import (IBurpExtender, ISessionHandlingAction)
 import re

 class BurpExtender(IBurpExtender, ISessionHandlingAction):
    def registerExtenderCallbacks(self, callbacks):
        self.callbacks = callbacks
        self.helpers = callbacks.getHelpers()
        callbacks.setExtensionName("Path Parameter Session Handling Action")
        self.callbacks.registerSessionHandlingAction(self)
        self.out = callbacks.getStdout()
        # CONFIG: this RE matches the identifier from the first macro response
        self.reFindID = re.compile("^Location:.*/(\\d+)", re.MULTILINE)
        # CONFIG: this RE matches the part to replace with prefix as capture group 1 and suffix in capture group 2
        self.reReplaceID = re.compile("^(GET|POST\s+.*/)\d+(\s+HTTP/)")

    def log(self, msg):
        self.out.write(msg + "\n")

    ### ISessionHandlingAction ###
    def getActionName(self):
        return "Replace Path Parameter"
    
    def performAction(self, currentRequest, macroItems):
        if macroItems != None:
            mResponse = self.helpers.bytesToString(macroItems[0].getResponse())
            #self.log("Processing response:\n" + mResponse)
            match = self.reFindID.search(mResponse)
            if match:
                identifier = match.group(1)
                self.log("Found identifier: " + identifier)
                request = self.helpers.bytesToString(currentRequest.getRequest())
                result = self.reReplaceID.sub("\\g<1>" + identifier + "\\g<2>", request)
                currentRequest.setRequest(result)
            else:
                self.log("No identifier found!")
        else:
            self.log("No macro response found!")
	from burp import (IBurpExtender, ISessionHandlingAction)
	import re

	class BurpExtender(IBurpExtender, ISessionHandlingAction):
	def registerExtenderCallbacks(self, callbacks):
	self.callbacks = callbacks
	self.helpers = callbacks.getHelpers()
	callbacks.setExtensionName("Path Parameter Session Handling Action")
	self.callbacks.registerSessionHandlingAction(self)
	self.out = callbacks.getStdout()
	# CONFIG: this RE matches the identifier from the first macro response
	self.reFindID = re.compile("^Location:.*/(\\d+)", re.MULTILINE)
	# CONFIG: this RE matches the part to replace with prefix as capture group 1 and suffix in capture group 2
	self.reReplaceID = re.compile("^(GET\|POST\s+.*/)\d+(\s+HTTP/)")

	def log(self, msg):
	self.out.write(msg + "\n")

	### ISessionHandlingAction ###
	def getActionName(self):
	return "Replace Path Parameter"

	def performAction(self, currentRequest, macroItems):
	if macroItems != None:
	mResponse = self.helpers.bytesToString(macroItems[0].getResponse())
	#self.log("Processing response:\n" + mResponse)
	match = self.reFindID.search(mResponse)
	if match:
	identifier = match.group(1)
	self.log("Found identifier: " + identifier)
	request = self.helpers.bytesToString(currentRequest.getRequest())
	result = self.reReplaceID.sub("\\g<1>" + identifier + "\\g<2>", request)
	currentRequest.setRequest(result)
	else:
	self.log("No identifier found!")
	else:
	self.log("No macro response found!")