-
Notifications
You must be signed in to change notification settings - Fork 0
Burpy Functions
Here are all the available functions that you can use with Burp.
| Name | Arguments | Description |
|---|---|---|
| Concat | first (string), second (string), ... more strings (optional) | Concatenates two or more strings |
| Env | key (string), default (string, optional) | Gets an environment variable |
| Hash | text (string) | Hashes a string with argon2id |
| Home | arguments (string) | Prepends the home directory to the arguments |
| Add | first (number), second (number), ... more numbers (optional) | Adds two or more numbers |
| Sub | first (number), second (number), ... more numbers (optional) | Subtracts two or more numbers |
| Div | first (number), second (number), ... more numbers (optional) | Divides two or more numbers |
| Mpy | first (number), second (number), ... more numbers (optional) | Multiplies two or more numbers |
| Mod | first (number), second (number), ... more numbers (optional) | Uses modulo on two or more numbers |
| Random | length (int, max length of 32767) | Generates a random string with a specific length |
| Store | key (string), value (string) | Stores a value to the heap |
| Use | key (string) | Gets a value stored in the heap |
Here are some examples of how you can use the available functions in Burp:
-
Concatenating strings:
[burp: Concat(hello, ,world, ,universe)]will result inhello world universe. Note that an empty argument is used to represent a space between the words. -
Retrieving environment variables:
[burp: Env(GOPATH)]will return the value of theGOPATHenvironment variable, such as$HOME/.go. -
Hashing a string:
[burp: Hash(hello world)]will hash the string "hello world" using the argon2id algorithm and return the hashed result, such as$argon2id$v=19$m=16,t=2,p=1$ZXRzdGVzdGVzdGV0$7E/Ari559oW6qWvyGPBNZQ. -
Performing arithmetic operations:
[burp: Add(1,1,2)]will add the numbers 1, 1, and 2 together and return the result, such as4. Similarly, you can use theSub,Div,Mpy, andModfunctions to subtract, divide, multiply, and calculate the modulo of numbers, respectively. -
Generating a random string:
[burp: Random(16)]will generate a random string of the specified length, such asCGJvTrl569OrfDxO. -
Storing and retrieving values from the heap:
[burp: Store(hello, world)]will store the value "world" with the key "hello" in the heap. To retrieve the stored value, you can use theUsefunction:[burp: Use(hello)]will returnworld.
To test these functions, you can use the eval command in the Burp CLI:
$ burp eval "[burp: Add(1,1,2)]"
4You can replace the function and its arguments within the square brackets to test different functions and see their results.
To get started with Burp, we recommend reading the following in chronological:
- Installing the Burp Agent on your remote server
- Setting up Burp CLI on your development machine
- Creating your first Burp.toml
- Deploying your first application
You may want to read a specific part of configuring a Burp file:
You can also read the list of available functions of Burp: