(v2.02 and above) Global objects
If request is:
POST /c2?test=user&test1=2 HTTP/2
Host: metrics.icloud.com:443
Accept: */*
Content-Type: application/x-www-form-urlencoded
X-Apple-Request-Uuid: 123
User-Agent: cloudd/1970 CFNetwork/1335.0.3.4 Darwin/21.6.0
Content-Encoding: gzip
Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
Content-Length: 21
Accept-Encoding: gzip, deflate, br
username=user&email=1
jsrequest is:
{
"body":"username=user&email=1", // if you modified and put it to jsresult, http request can be change
"headers":{ // if you modified and put it to jsresult, http request can be change
"Accept":"*/*",
"X-Apple-Request-Uuid":"123",
"User-Agent":"test","Content-Encoding":"gzip",
"Host":"metrics.icloud.com:443",
"Accept-Language":"en-GB,en-US;q=0.9,en;q=0.8",
"Accept-Encoding":"gzip, deflate, br",
"Content-Length":"21",
"Content-Type":"application/x-www-form-urlencoded"
},
"httpService":{ // if you modified and put it to jsresult, http request can be change
"host":"metrics.icloud.com",
"port":443,
"secure":true
},
"httpVersion":"HTTP/2", // if you modified and put it to jsresult, http request can be change
"method":"POST", // if you modified and put it to jsresult, http request can be change
"parameters":{ // if you modified and put it to jsresult, http request can be change
"email":"1",
"username":"user"
},
"queries":{ // if you modified and put it to jsresult, http request can be change
"test":8,
"test1":"2"
},
"path":"/aaa?test=8&test1=2", // if you modified and put it to jsresult, http request can be change
"pathWithoutQuery":"/aaa",
"url":"https://metrics.icloud.com/aaa?test=8&test1=2"
}You can get value of request via JSON object jsrequest
if response:
HTTP/2 400 Bad Request
Server: AppleHttpServer/78689afb4479
Date: Fri, 12 Jan 2024 16:31:13 GMT
Content-Length: 0
Via: 2da30206c6d59c1094d486bf69f42814:f13a90ed01b60e000b5609f888b8d857:hkhkg2
X-Apple-Request-Uuid: 123
Access-Control-Expose-Headers: X-Apple-Request-UUID,Via
jsresponse is:
{
"body":"", // if you modified and put it to jsresult, http response can be change
"headers":{ // if you modified and put it to jsresult, http response can be change
"Access-Control-Expose-Headers":"X-Apple-Request-UUID,Via",
"Server":"AppleHttpServer/78689afb4479",
"X-Apple-Request-Uuid":"123",
"Content-Length":"0",
"Date":"Fri, 12 Jan 2024 16:31:13 GMT",
"Via":"2da30206c6d59c1094d486bf69f42814:f13a90ed01b60e000b5609f888b8d857:hkhkg2"
},
"httpVersion":"HTTP/2",
"mimeType":"NONE",
"reasonPhrase":"Bad Request", // if you modified and put it to jsresult, http response can be change
"statusCode":400 // if you modified and put it to jsresult, http response can be change
}You can get value of response via JSON object jsresponse
in pre-script:
{
"request":null
}if you want to modified request, you can modified jsrequest and put it in jsresult:
jsrequest.headers.hash = "test";
jsrequest.path = "/aaa";
jsrequest.headers["User-Agent"] = "test";
jsrequest.queries.test = 8
jsrequest.parameters.username = "check";
jsresult.request = jsrequest;in post-script:
{
"response": null
}if you want to modified response, you can modified jsresponse and put it in jsresult:
jsresponse.headers.hash = "1";
jsresult.response = jsresponse;You can set project variable to burp suite project. Variable will be save in burp project, so you can get value of it from both pre-script and post-script.
- set variable:
jsvariables.variables.{name}= "value";- get variable:
jsvariables.variables.{name}Help you print data to output of extension.
jslogger.logs.push("request:" + JSON.stringify(jsrequest));