Skip to content

Commit 3fc7218

Browse files
github-actions[bot]github-actions[bot]
committed
Update README.md files
1 parent 70287c8 commit 3fc7218

1 file changed

Lines changed: 38 additions & 0 deletions

File tree

CustomAction/README.md

Lines changed: 38 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,44 @@ Please do not manually edit this file, or include any changes to this file in pu
55
-->
66
# Custom Actions
77
Documentation: [Custom actions](https://portswigger.net/burp/documentation/desktop/tools/repeater/http-messages/custom-actions)
8+
## [ApiDowngradeUpgrade.bambda](https://github.com/PortSwigger/bambdas/blob/main/CustomAction/ApiDowngradeUpgrade.bambda)
9+
### This Downgrade and Upgrade api version based on your current version
10+
#### Author: radinanti (https://github.com/radinanti)
11+
```java
12+
var baserequest = requestResponse.request();
13+
String urlStr = baserequest.url();
14+
logging().logToOutput("Original URL: " + urlStr);
15+
/* ── Parse URL ─────────────────────────────────── */
16+
String path = baserequest.path();
17+
Pattern versionPattern = Pattern.compile("/v(\\d+)");
18+
Matcher matcher = versionPattern.matcher(path);
19+
if (!matcher.find()) {
20+
logging().logToOutput("No version (/v[NUM]) found in path.");
21+
return;
22+
}
23+
String currentVersion = matcher.group(0);
24+
/* ── Log detected version ─────────────────────────────────── */
25+
logging().logToOutput("Detected version: " + currentVersion);
26+
for (int i = 1; i <= 5; i++) {
27+
// This checks v1 to v5 if you want more or less change the numbers
28+
String newVersion = "/v" + i;
29+
if (newVersion.equals(currentVersion)) continue;
30+
String newPath = path.replace(currentVersion, newVersion);
31+
32+
logging().logToOutput("Sending modified URL: " + newPath);
33+
var newRequest = baserequest.withPath(newPath);
34+
var response = api.http().sendRequest(newRequest);
35+
if (response == null) {
36+
logging().logToOutput(newVersion + " → No response");
37+
continue;
38+
}
39+
int status = response.response().statusCode();
40+
logging().logToOutput(newVersion + " → Status Code: " + status);
41+
logging().logToOutput(response.response().headerValue("Content-Type"));
42+
logging().logToOutput("=====================================================");
43+
}
44+
45+
```
846
## [BypassFirstRequestValidation.bambda](https://github.com/PortSwigger/bambdas/blob/main/CustomAction/BypassFirstRequestValidation.bambda)
947
### This hides your repeater request behind an innocent GET request. It's useful for bypassing server-level validation sometimes.
1048
#### Author: James Kettle (https://github.com/albinowax)

0 commit comments

Comments
 (0)