Burp插件开发：操作HTTP请求详解<\/h1>

前言<\/h2>
本教程详细讲解如何在Burp Suite插件开发中操作HTTP请求，涵盖请求解析、修改、构建和发送的全流程。这是Burp插件开发的核心功能之一，掌握这些知识将帮助你创建强大的安全测试工具。<\/p>

IExtensionHelpers接口<\/h2>
IExtensionHelpers接口为Burp插件开发提供核心工具集，通过`IBurpExtenderCallbacks.getHelpers()<\/code>获取其实例。<\/p>`

HTTP报文解析方法<\/h3>
请求解析<\/h4>
\/\/ 解析HTTP请求的三种方式
<\/span><\/span><\/span><\/span>IRequestInfo analyzeRequest<\/span>(<\/span>IHttpRequestResponse request);<\/span>
<\/span><\/span>IRequestInfo analyzeRequest<\/span>(<\/span>IHttpService httpService,<\/span> byte<\/span>[]<\/span> request);<\/span>
<\/span><\/span>IRequestInfo analyzeRequest<\/span>(<\/span>byte<\/span>[]<\/span> request);<\/span>
<\/span><\/span><\/code><\/pre>响应解析<\/h4>
IResponseInfo analyzeResponse<\/span>(<\/span>byte<\/span>[]<\/span> response);<\/span>
<\/span><\/span><\/code><\/pre>IRequestInfo\/IResponseInfo常用方法<\/h4>
String getMethod<\/span>();<\/span> \/\/ 获取请求方法
<\/span><\/span><\/span><\/span>URL getUrl<\/span>();<\/span> \/\/ 获取URL
<\/span><\/span><\/span><\/span>List<<\/span>String><\/span> getHeaders<\/span>();<\/span> \/\/ 获取消息头(字符串列表)
<\/span><\/span><\/span><\/span>List<<\/span>IParameter><\/span> getParameters<\/span>();<\/span> \/\/ 获取所有参数
<\/span><\/span><\/span><\/span>int<\/span> getBodyOffset<\/span>();<\/span> \/\/ 获取body偏移量
<\/span><\/span><\/span><\/span>byte<\/span> getContentType<\/span>();<\/span> \/\/ 获取请求体类型
<\/span><\/span><\/span><\/code><\/pre>参数类型详解<\/h3>



常量标识<\/th>
参数类型值<\/th>
参数位置与解释<\/th>
典型应用场景<\/th>
<\/tr>
<\/thead>


PARAM_URL<\/td>
0<\/td>
URL查询参数(?key=value)<\/td>
SQL注入、路径遍历检测<\/td>
<\/tr>

PARAM_BODY<\/td>
1<\/td>
POST\/PUT请求中的表单数据或JSON\/XML内容<\/td>
修改POST数据、JSON劫持检测<\/td>
<\/tr>

PARAM_COOKIE<\/td>
2<\/td>
Cookie或Set-Cookie字段中的会话标识<\/td>
会话固定攻击测试、Cookie篡改<\/td>
<\/tr>

PARAM_XML<\/td>
3<\/td>
XML文档中的节点值<\/td>
XXE漏洞探测、XML结构分析<\/td>
<\/tr>

PARAM_XML_ATTR<\/td>
4<\/td>
XML标签的属性<\/td>
属性注入检测(XSS via XML属性)<\/td>
<\/tr>

PARAM_MULTIPART_ATTR<\/td>
5<\/td>
上传文件的元数据(filename="test.jpg")<\/td>
文件上传漏洞测试<\/td>
<\/tr>

PARAM_JSON<\/td>
6<\/td>
JSON对象中的键值对({"username": "admin"})<\/td>
JSON注入、敏感数据泄露检测<\/td>
<\/tr>
<\/tbody>
<\/table>
报文构建与修改方法<\/h3>
\/\/ 通过消息头和请求体重建请求
<\/span><\/span><\/span><\/span>byte<\/span>[]<\/span> buildHttpMessage<\/span>(<\/span>List<<\/span>String><\/span> headers,<\/span> byte<\/span>[]<\/span> body);<\/span>
<\/span><\/span>
<\/span><\/span>\/\/ 通过URL创建GET请求
<\/span><\/span><\/span><\/span>byte<\/span>[]<\/span> buildHttpRequest<\/span>(<\/span>URL url);<\/span>
<\/span><\/span>
<\/span><\/span>\/\/ 参数操作
<\/span><\/span><\/span><\/span>byte<\/span>[]<\/span> addParameter<\/span>(<\/span>byte<\/span>[]<\/span> request,<\/span> IParameter parameter);<\/span>
<\/span><\/span>byte<\/span>[]<\/span> removeParameter<\/span>(<\/span>byte<\/span>[]<\/span> request,<\/span> IParameter parameter);<\/span>
<\/span><\/span>byte<\/span>[]<\/span> updateParameter<\/span>(<\/span>byte<\/span>[]<\/span> request,<\/span> IParameter parameter);<\/span>
<\/span><\/span>
<\/span><\/span>\/\/ 构建参数和消息头
<\/span><\/span><\/span><\/span>IParameter buildParameter<\/span>(<\/span>String name,<\/span> String value,<\/span> byte<\/span> type);<\/span>
<\/span><\/span>IHttpHeader buildHeader<\/span>(<\/span>String name,<\/span> String value);<\/span>
<\/span><\/span><\/code><\/pre>编码工具类<\/h3>
\/\/ URL编码与解码
<\/span><\/span><\/span><\/span>String urlDecode<\/span>(<\/span>String data);<\/span>
<\/span><\/span>String urlEncode<\/span>(<\/span>String data);<\/span>
<\/span><\/span>
<\/span><\/span>\/\/ Base64编码与解码
<\/span><\/span><\/span><\/span>byte<\/span>[]<\/span> base64Decode<\/span>(<\/span>String data);<\/span>
<\/span><\/span>String base64Encode<\/span>(<\/span>byte<\/span>[]<\/span> data);<\/span>
<\/span><\/span>
<\/span><\/span>\/\/ 字符与字节转换
<\/span><\/span><\/span><\/span>byte<\/span>[]<\/span> stringToBytes<\/span>(<\/span>String data);<\/span>
<\/span><\/span>String bytesToString<\/span>(<\/span>byte<\/span>[]<\/span> data);<\/span>
<\/span><\/span><\/code><\/pre>HTTP请求发送<\/h2>
使用IBurpExtenderCallbacks<\/code>接口发送修改后的请求：<\/p>
\/\/ 最常用的请求发送方法
<\/span><\/span><\/span><\/span>IHttpRequestResponse makeHttpRequest<\/span>(<\/span>IHttpService httpService,<\/span> byte<\/span>[]<\/span> request);<\/span>
<\/span><\/span>
<\/span><\/span>\/\/ 其他变体方法
<\/span><\/span><\/span><\/span>IHttpRequestResponse makeHttpRequest<\/span>(<\/span>IHttpService httpService,<\/span> byte<\/span>[]<\/span> request);<\/span>
<\/span><\/span><\/code><\/pre>开发实践示例<\/h2>
1. 解析并修改请求<\/h3>
\/\/ 获取helpers实例
<\/span><\/span><\/span><\/span>IExtensionHelpers helpers =<\/span> callbacks.<\/span>getHelpers<\/span>();<\/span>
<\/span><\/span>
<\/span><\/span>\/\/ 解析请求
<\/span><\/span><\/span><\/span>IRequestInfo requestInfo =<\/span> helpers.<\/span>analyzeRequest<\/span>(<\/span>requestResponse);<\/span>
<\/span><\/span>List<<\/span>String><\/span> headers =<\/span> requestInfo.<\/span>getHeaders<\/span>();<\/span>
<\/span><\/span>List<<\/span>IParameter><\/span> parameters =<\/span> requestInfo.<\/span>getParameters<\/span>();<\/span>
<\/span><\/span>
<\/span><\/span>\/\/ 修改参数
<\/span><\/span><\/span><\/span>IParameter newParam =<\/span> helpers.<\/span>buildParameter<\/span>(<\/span>"test"<\/span>,<\/span> "123"<\/span>,<\/span> IParameter.<\/span>PARAM_URL<\/span>);<\/span>
<\/span><\/span>byte<\/span>[]<\/span> modifiedRequest =<\/span> helpers.<\/span>addParameter<\/span>(<\/span>requestResponse.<\/span>getRequest<\/span>(),<\/span> newParam);<\/span>
<\/span><\/span>
<\/span><\/span>\/\/ 发送修改后的请求
<\/span><\/span><\/span><\/span>IHttpRequestResponse modifiedResponse =<\/span> callbacks.<\/span>makeHttpRequest<\/span>(<\/span>
<\/span><\/span>    requestResponse.<\/span>getHttpService<\/span>(),<\/span> modifiedRequest);<\/span>
<\/span><\/span><\/code><\/pre>2. 构建新请求<\/h3>
\/\/ 构建请求头
<\/span><\/span><\/span><\/span>List<<\/span>String><\/span> headers =<\/span> new<\/span> ArrayList<>();<\/span>
<\/span><\/span>headers.<\/span>add<\/span>(<\/span>"GET \/test HTTP\/1.1"<\/span>);<\/span>
<\/span><\/span>headers.<\/span>add<\/span>(<\/span>"Host: example.com"<\/span>);<\/span>
<\/span><\/span>headers.<\/span>add<\/span>(<\/span>"User-Agent: MyBurpPlugin"<\/span>);<\/span>
<\/span><\/span>
<\/span><\/span>\/\/ 构建请求体
<\/span><\/span><\/span><\/span>byte<\/span>[]<\/span> body =<\/span> "username=admin&password=123456"<\/span>.<\/span>getBytes<\/span>();<\/span>
<\/span><\/span>
<\/span><\/span>\/\/ 构建完整请求
<\/span><\/span><\/span><\/span>byte<\/span>[]<\/span> httpMessage =<\/span> helpers.<\/span>buildHttpMessage<\/span>(<\/span>headers,<\/span> body);<\/span>
<\/span><\/span>
<\/span><\/span>\/\/ 发送请求
<\/span><\/span><\/span><\/span>IHttpService httpService =<\/span> helpers.<\/span>buildHttpService<\/span>(<\/span>"example.com"<\/span>,<\/span> 80<\/span>,<\/span> "http"<\/span>);<\/span>
<\/span><\/span>IHttpRequestResponse response =<\/span> callbacks.<\/span>makeHttpRequest<\/span>(<\/span>httpService,<\/span> httpMessage);<\/span>
<\/span><\/span><\/code><\/pre>注意事项<\/h2>

参数操作时务必指定正确的参数类型(PARAM_URL, PARAM_BODY等)<\/li>
修改请求后需要重新计算Content-Length头部<\/li>
处理二进制数据时使用byte[]<\/code>而非String<\/li>
对于HTTPS请求，确保正确设置IHttpService的协议字段<\/li>
大量请求处理时注意性能优化<\/li>
<\/ol>
总结<\/h2>
通过掌握这些HTTP请求操作方法，你可以开发出各种强大的Burp插件，包括但不限于：<\/p>

自动化漏洞扫描器<\/li>
自定义渗透测试工具<\/li>
请求\/响应修改器<\/li>
流量分析工具<\/li>
漏洞利用工具<\/li>
<\/ul>
这些核心API的组合使用将为你的安全测试工作带来极大的灵活性和效率提升。<\/p>

常量标识<\/th>	参数类型值<\/th>	参数位置与解释<\/th>	典型应用场景<\/th> <\/tr> <\/thead>
PARAM_URL<\/td>	0<\/td>	URL查询参数(?key=value)<\/td>	SQL注入、路径遍历检测<\/td> <\/tr>
PARAM_BODY<\/td>	1<\/td>	POST\/PUT请求中的表单数据或JSON\/XML内容<\/td>	修改POST数据、JSON劫持检测<\/td> <\/tr>
PARAM_COOKIE<\/td>	2<\/td>	Cookie或Set-Cookie字段中的会话标识<\/td>	会话固定攻击测试、Cookie篡改<\/td> <\/tr>
PARAM_XML<\/td>	3<\/td>	XML文档中的节点值<\/td>	XXE漏洞探测、XML结构分析<\/td> <\/tr>
PARAM_XML_ATTR<\/td>	4<\/td>	XML标签的属性<\/td>	属性注入检测(XSS via XML属性)<\/td> <\/tr>
PARAM_MULTIPART_ATTR<\/td>	5<\/td>	上传文件的元数据(filename="test.jpg")<\/td>	文件上传漏洞测试<\/td> <\/tr>
PARAM_JSON<\/td>	6<\/td>	JSON对象中的键值对({"username": "admin"})<\/td>	JSON注入、敏感数据泄露检测<\/td> <\/tr> <\/tbody> <\/table> 报文构建与修改方法<\/h3> \/\/ 通过消息头和请求体重建请求 <\/span><\/span><\/span><\/span>byte<\/span>[]<\/span> buildHttpMessage<\/span>(<\/span>List<<\/span>String><\/span> headers,<\/span> byte<\/span>[]<\/span> body);<\/span> <\/span><\/span> <\/span><\/span>\/\/ 通过URL创建GET请求 <\/span><\/span><\/span><\/span>byte<\/span>[]<\/span> buildHttpRequest<\/span>(<\/span>URL url);<\/span> <\/span><\/span> <\/span><\/span>\/\/ 参数操作 <\/span><\/span><\/span><\/span>byte<\/span>[]<\/span> addParameter<\/span>(<\/span>byte<\/span>[]<\/span> request,<\/span> IParameter parameter);<\/span> <\/span><\/span>byte<\/span>[]<\/span> removeParameter<\/span>(<\/span>byte<\/span>[]<\/span> request,<\/span> IParameter parameter);<\/span> <\/span><\/span>byte<\/span>[]<\/span> updateParameter<\/span>(<\/span>byte<\/span>[]<\/span> request,<\/span> IParameter parameter);<\/span> <\/span><\/span> <\/span><\/span>\/\/ 构建参数和消息头 <\/span><\/span><\/span><\/span>IParameter buildParameter<\/span>(<\/span>String name,<\/span> String value,<\/span> byte<\/span> type);<\/span> <\/span><\/span>IHttpHeader buildHeader<\/span>(<\/span>String name,<\/span> String value);<\/span> <\/span><\/span><\/code><\/pre>编码工具类<\/h3> \/\/ URL编码与解码 <\/span><\/span><\/span><\/span>String urlDecode<\/span>(<\/span>String data);<\/span> <\/span><\/span>String urlEncode<\/span>(<\/span>String data);<\/span> <\/span><\/span> <\/span><\/span>\/\/ Base64编码与解码 <\/span><\/span><\/span><\/span>byte<\/span>[]<\/span> base64Decode<\/span>(<\/span>String data);<\/span> <\/span><\/span>String base64Encode<\/span>(<\/span>byte<\/span>[]<\/span> data);<\/span> <\/span><\/span> <\/span><\/span>\/\/ 字符与字节转换 <\/span><\/span><\/span><\/span>byte<\/span>[]<\/span> stringToBytes<\/span>(<\/span>String data);<\/span> <\/span><\/span>String bytesToString<\/span>(<\/span>byte<\/span>[]<\/span> data);<\/span> <\/span><\/span><\/code><\/pre>HTTP请求发送<\/h2> 使用IBurpExtenderCallbacks<\/code>接口发送修改后的请求：<\/p> \/\/ 最常用的请求发送方法 <\/span><\/span><\/span><\/span>IHttpRequestResponse makeHttpRequest<\/span>(<\/span>IHttpService httpService,<\/span> byte<\/span>[]<\/span> request);<\/span> <\/span><\/span> <\/span><\/span>\/\/ 其他变体方法 <\/span><\/span><\/span><\/span>IHttpRequestResponse makeHttpRequest<\/span>(<\/span>IHttpService httpService,<\/span> byte<\/span>[]<\/span> request);<\/span> <\/span><\/span><\/code><\/pre>开发实践示例<\/h2> 1. 解析并修改请求<\/h3> \/\/ 获取helpers实例 <\/span><\/span><\/span><\/span>IExtensionHelpers helpers =<\/span> callbacks.<\/span>getHelpers<\/span>();<\/span> <\/span><\/span> <\/span><\/span>\/\/ 解析请求 <\/span><\/span><\/span><\/span>IRequestInfo requestInfo =<\/span> helpers.<\/span>analyzeRequest<\/span>(<\/span>requestResponse);<\/span> <\/span><\/span>List<<\/span>String><\/span> headers =<\/span> requestInfo.<\/span>getHeaders<\/span>();<\/span> <\/span><\/span>List<<\/span>IParameter><\/span> parameters =<\/span> requestInfo.<\/span>getParameters<\/span>();<\/span> <\/span><\/span> <\/span><\/span>\/\/ 修改参数 <\/span><\/span><\/span><\/span>IParameter newParam =<\/span> helpers.<\/span>buildParameter<\/span>(<\/span>"test"<\/span>,<\/span> "123"<\/span>,<\/span> IParameter.<\/span>PARAM_URL<\/span>);<\/span> <\/span><\/span>byte<\/span>[]<\/span> modifiedRequest =<\/span> helpers.<\/span>addParameter<\/span>(<\/span>requestResponse.<\/span>getRequest<\/span>(),<\/span> newParam);<\/span> <\/span><\/span> <\/span><\/span>\/\/ 发送修改后的请求 <\/span><\/span><\/span><\/span>IHttpRequestResponse modifiedResponse =<\/span> callbacks.<\/span>makeHttpRequest<\/span>(<\/span> <\/span><\/span> requestResponse.<\/span>getHttpService<\/span>(),<\/span> modifiedRequest);<\/span> <\/span><\/span><\/code><\/pre>2. 构建新请求<\/h3> \/\/ 构建请求头 <\/span><\/span><\/span><\/span>List<<\/span>String><\/span> headers =<\/span> new<\/span> ArrayList<>();<\/span> <\/span><\/span>headers.<\/span>add<\/span>(<\/span>"GET \/test HTTP\/1.1"<\/span>);<\/span> <\/span><\/span>headers.<\/span>add<\/span>(<\/span>"Host: example.com"<\/span>);<\/span> <\/span><\/span>headers.<\/span>add<\/span>(<\/span>"User-Agent: MyBurpPlugin"<\/span>);<\/span> <\/span><\/span> <\/span><\/span>\/\/ 构建请求体 <\/span><\/span><\/span><\/span>byte<\/span>[]<\/span> body =<\/span> "username=admin&password=123456"<\/span>.<\/span>getBytes<\/span>();<\/span> <\/span><\/span> <\/span><\/span>\/\/ 构建完整请求 <\/span><\/span><\/span><\/span>byte<\/span>[]<\/span> httpMessage =<\/span> helpers.<\/span>buildHttpMessage<\/span>(<\/span>headers,<\/span> body);<\/span> <\/span><\/span> <\/span><\/span>\/\/ 发送请求 <\/span><\/span><\/span><\/span>IHttpService httpService =<\/span> helpers.<\/span>buildHttpService<\/span>(<\/span>"example.com"<\/span>,<\/span> 80<\/span>,<\/span> "http"<\/span>);<\/span> <\/span><\/span>IHttpRequestResponse response =<\/span> callbacks.<\/span>makeHttpRequest<\/span>(<\/span>httpService,<\/span> httpMessage);<\/span> <\/span><\/span><\/code><\/pre>注意事项<\/h2> 参数操作时务必指定正确的参数类型(PARAM_URL, PARAM_BODY等)<\/li> 修改请求后需要重新计算Content-Length头部<\/li> 处理二进制数据时使用byte[]<\/code>而非String<\/li> 对于HTTPS请求，确保正确设置IHttpService的协议字段<\/li> 大量请求处理时注意性能优化<\/li> <\/ol> 总结<\/h2> 通过掌握这些HTTP请求操作方法，你可以开发出各种强大的Burp插件，包括但不限于：<\/p> 自动化漏洞扫描器<\/li> 自定义渗透测试工具<\/li> 请求\/响应修改器<\/li> 流量分析工具<\/li> 漏洞利用工具<\/li> <\/ul> 这些核心API的组合使用将为你的安全测试工作带来极大的灵活性和效率提升。<\/p>

Burp插件开发：操作HTTP请求详解<\/h1>

前言<\/h2> 本教程详细讲解如何在Burp Suite插件开发中操作HTTP请求，涵盖请求解析、修改、构建和发送的全流程。这是Burp插件开发的核心功能之一，掌握这些知识将帮助你创建强大的安全测试工具。<\/p>

IExtensionHelpers接口<\/h2> IExtensionHelpers接口为Burp插件开发提供核心工具集，通过IBurpExtenderCallbacks.getHelpers()<\/code>获取其实例。<\/p>

开发实践示例<\/h2>

前言<\/h2>
本教程详细讲解如何在Burp Suite插件开发中操作HTTP请求，涵盖请求解析、修改、构建和发送的全流程。这是Burp插件开发的核心功能之一，掌握这些知识将帮助你创建强大的安全测试工具。<\/p>

IExtensionHelpers接口<\/h2>
IExtensionHelpers接口为Burp插件开发提供核心工具集，通过`IBurpExtenderCallbacks.getHelpers()<\/code>获取其实例。<\/p>`