Introduction

BurpJDSer is a Burp plugin that deserializes/serializes Java requests and responses to and from XML using the XStream library (http://xstream.codehaus.org/).

Usage

## 1. Find and download client *.jar files

  • Burp: view HTML response for embedded jar files
  • Alternatively, look through browser's cache

## 2. (Optional) Search for sensitive information

  • Use JD-GUI to open the jar file, then File --> Save all sources to a location
  • What to search for: hardcoded passwords, SQL strings, SSNs, credit card numbers, etc.

## 3. Start Burp plugin

java -classpath burp.jar;burpjdser.jar;xstream-1.4.2.jar;[client_jar] burp.StartBurp

Note: if there are multiple jars, copy them all into a folder and use this to start Burp:

java -classpath burp.jar;burpjdser.jar;xstream-1.4.2.jar;"[Absolute path to jars folder]"/* burp.StartBurp

The `;` classpath separator is the Windows form; on Linux and macOS use `:` instead.

## 4. Inspect serialized Java traffic

  • Serialized Java requests/responses will be automatically converted to XML. The decoded XML should be in the "Edited Request" and "Original Response" tabs.
  • Fuzz the request using Repeater/Intruder. The request will be automatically serialized back to binary format and the response will be deserialized to XML.
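
The conversion this step relies on, as an added example that is not BurpJDSer's own code: a Java-serialized body is read back into an object, rendered as XML with XStream, then turned back into the binary form. `LoginResponse` is a constructed stand-in for a class from the client jar, and the code assumes the xstream-1.4.2.jar named in the commands above (newer XStream releases reject types that have not been explicitly allowed).

```java
import com.thoughtworks.xstream.XStream;
import com.thoughtworks.xstream.io.xml.DomDriver;
import java.io.*;

public class JdserRoundTrip {
    // Constructed stand-in for a class shipped in the client jar (hypothetical).
    public static class LoginResponse implements Serializable {
        private static final long serialVersionUID = 1L;
        String user = "alice";
        boolean admin = false;
    }

    // Binary Java serialization -> object -> XML (the direction shown in the Burp tabs).
    // readObject() needs the class definition, which is why the client jar
    // has to be on Burp's classpath in step 3.
    static String toXml(byte[] body, XStream xs) throws IOException, ClassNotFoundException {
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(body))) {
            return xs.toXML(in.readObject());
        }
    }

    // XML -> object -> binary Java serialization (what goes back on the wire after editing).
    static byte[] toBinary(String xml, XStream xs) throws IOException {
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(buf)) {
            out.writeObject(xs.fromXML(xml));
        }
        return buf.toByteArray();
    }

    public static void main(String[] args) throws Exception {
        // DomDriver parses with the JDK's own XML parser, so no extra parser jar is needed.
        XStream xs = new XStream(new DomDriver());

        // Constructed sample body: one serialized LoginResponse.
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(buf)) {
            out.writeObject(new LoginResponse());
        }
        byte[] wire = buf.toByteArray();

        // Java serialization streams begin with the magic bytes AC ED.
        System.out.printf("magic: %02X %02X%n", wire[0], wire[1]);
        String xml = toXml(wire, xs);
        System.out.println(xml);
        byte[] back = toBinary(xml, xs);
        System.out.println("round trip identical: " + java.util.Arrays.equals(wire, back));
    }
}
```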

## 5. Bypass client-side authorization

Sometimes the client relies on the server for authorization checks. In that case you may want to modify the serialized response to bypass it:

  • Inspect proxy response for possible authorization check
  • Modify potentially abusive parameters to bypass client-side restrictions