Creating and building Burp Suite extention using Java command-line tools

Burp Suite allows you to easily write your own plugins, to perform complex and highly customized tasks within Burp. PortSwigger (the developer behind Burp Suite) created a series of blog posts wherein he explains what can be done with Burp Extensions. In his first blog post about the subject (see Writing your first Burp Suite extension) PortSwigger explains how you can build your own extension using an IDE. Some of us prefer however to not use a heavy IDE, but to compile the jar from the command-line. This article show how to use the javac and the jar command to create your Burp extension from the command-line.

Step 1: Prepare your environment
I like to keep my directory structure clean. So for each extension I build, I create a new folder. In this project folder, I create 3 subfolders:

  • bin: this will eventually contain the JAR file
  • build: this will contain the Java class files
  • src: this will contain our Java source code and the Burp API files
    • The Burp extender API files can be downloaded in a ZIP file from http://portswigger.net/burp/extender/api/burp_extender_api.zip
      Download this ZIP file and extract it to your src folder. This will create a subfolder called "burp" with all Burp extender API Java files.

      Step 2: Develop
      All source files for your extention should be put in the src\burp folder.

      Step 3: Compile
      From your project folder, run the following commands:
      IF EXIST build\burp RMDIR /S /Q build\burp
      IF EXIST bin\burpextender.jar DEL bin\burpextender.jar
      javac -d build src\burp\*.java
      jar cf bin\burpextender.jar -C build burp

      If your Java code was OK, then you will now have your burpextender.jar file in the bin folder!

      My directory structure looks as follows:

│   compile_extender.bat    (a DOS batch file doing all steps mentioned above)
│
├───bin
├───build
└───src
    └───burp
            BurpExtender.java     (my source code)
            IBurpExtender.java
            IBurpExtenderCallbacks.java
            IContextMenuFactory.java
            IContextMenuInvocation.java
            ICookie.java
            IExtensionHelpers.java
            IExtensionStateListener.java
            IHttpListener.java
            IHttpRequestResponse.java
            IHttpRequestResponsePersisted.java
            IHttpRequestResponseWithMarkers.java
            IHttpService.java
            IInterceptedProxyMessage.java
            IIntruderAttack.java
            IIntruderPayloadGenerator.java
            IIntruderPayloadGeneratorFactory.java
            IIntruderPayloadProcessor.java
            IMenuItemHandler.java
            IMessageEditor.java
            IMessageEditorController.java
            IMessageEditorTab.java
            IMessageEditorTabFactory.java
            IParameter.java
            IProxyListener.java
            IRequestInfo.java
            IResponseInfo.java
            IScanIssue.java
            IScannerCheck.java
            IScannerInsertionPoint.java
            IScannerInsertionPointProvider.java
            IScannerListener.java
            IScanQueueItem.java
            IScopeChangeListener.java
            ISessionHandlingAction.java
            ITab.java
            ITempFile.java
            ITextEditor.java

Tags: 

You might also be interested in...