Wednesday, November 2, 2016

1.7.10

This release adds some new APIs that extensions can use to easily implement powerful scan checks and other logic that involves response diffing.

Two new APIs have been added to IExtensionHelpers. The method:

IResponseVariations analyzeResponseVariations(byte[]... responses)

analyzes a collection of responses to identify variations in a range of attributes. The IResponseVariations object that is returned can be queried to determine the invariant or variant attributes, and the "value" of each attribute for each response:

List<String> getVariantAttributes();
List<String> getInvariantAttributes();
int getAttributeValue(String attributeName, int responseIndex);

The attributes that are currently supported are as follows:

anchor_labels
button_submit_labels
canonical_link
comments
content_length
content_type
css_classes
div_ids
etag_header
first_header_tag
header_tags
initial_body_content
input_image_labels
input_submit_labels
last_modified_header
limited_body_content
line_count
outbound_edge_count
outbound_edge_tag_names
page_title
set_cookie_names
status_code
tag_ids
tag_names
visible_text
visible_word_count
whole_body_content
word_count

Note that all values are represented as integer numbers, and the values of some attributes are intrinsically meaningful (e.g. word count) while the values of others are less so (e.g. checksum of HTML tag names).

The method:

IResponseKeywords analyzeResponseKeywords(List<String> keywords, byte[]... responses)

analyzes a collection of responses to identify the number of occurrences of the specified keywords. The IResponseKeywords object that is returned can be queried to determine the keywords whose counts vary or do not vary, and the number of occurrences of each keyword for each response:

List<String> getVariantKeywords();
List<String> getInvariantKeywords();
int getKeywordCount(String keyword, int responseIndex);

The new APIs allow your extensions to let Burp handle the messy work of analyzing responses to determine if they are the same or different, and you can easily create powerful scan checks with some simple logic:
  1. Send novel payload.
  2. Ask Burp whether the response changed in some interesting respect.
  3. If so, report an issue.
On Friday, to coincide with our Backslash Powered Scanning talk at Black Hat EU, we will be releasing an extension to the BApp Store that demonstrates how the new APIs can be used to create powerful new scanning capabilities.

burpsuite_free_linux_v1_7_10.sh
MD5: 64ae656dd589f1db2d3d47452e705318
SHA256: 6319c21bd790408d475ca63258966df111eb5ab414e8a6a5e0f4bde530ea65f6

burpsuite_free_macos_v1_7_10.dmg
MD5: 635d0684503e0ef5208dc74355647ae8
SHA256: 65e5054d1f6cde2610ead300d7847be315445d08b18ddd756fbe75e5b8578d3c

burpsuite_free_v1.7.10.jar
MD5: d34753e71e8fcd505e39510c6bf9e74b
SHA256: 9f609d14d474f43c9261c920c4a868278cbac119fcee62a328274e093738378d

burpsuite_free_windows-x64_v1_7_10.exe
MD5: a1ba61e1d546119d224200484ac8cf95
SHA256: 98736d7f2c6dc10b02ab2500674ee9da8cd242c5e23985aa6db308772ca1fdbf

burpsuite_free_windows-x86_v1_7_10.exe
MD5: e6c87ea96bf26e1d626f9a60d3432853
SHA256: 683829438af4b46c150f06ad434e8dcea4d8a831dfe92b74f2d13a3468122d94

burpsuite_pro_linux_v1_7_10.sh
MD5: 91a01d4c012b0d20c247d448de897f1c
SHA256: 1c7c86f939eac526fac76f39c9d18bd1900ad68248a39b229f367adae56c0458

burpsuite_pro_macos_v1_7_10.dmg
MD5: f616c47bfcb8d3f4d9969da7dd20689c
SHA256: e605812b52480fd07b42295558867642a4d58d6827d61b4b97299f84875bb985

burpsuite_pro_v1.7.10.jar
MD5: 0e7fe55599593c4308fd35b535cbc182
SHA256: 1bfcea1de60fdcd0b5e9d0271e92b34c3621e31e12ed114d3b599500b9168f94

burpsuite_pro_windows-x64_v1_7_10.exe
MD5: 35e4ef35c1718a79eba8ce1fd311c854
SHA256: 63bdc696553cc9430110a0fbaafb493b925b9d53a0bbf85cda3448903cb6a179

burpsuite_pro_windows-x86_v1_7_10.exe
MD5: fa60402b162ba509c6fca88961d6cbd7
SHA256: ee8156764423de5a6f65ff3683cf5b7c200769a5116ecb050abaa84de1ada950