Man
Contents of the article
- PyCript Features
- Installing PyCript
- Choosing a programming language
- Example of using PyCript
PyCript is a Burp Suite extension for bypassing client-side encryption. It makes it easy to encrypt and decrypt requests during testing, which helps get past security measures. Let's take a closer look at this extension.
PyCript Features
PyCript supports customization of the encryption and decryption process using JavaScript and Node.js, which makes it adaptable to different tasks. It works in both manual and automatic modes, supporting plugins.
- Encrypt and decrypt selected strings from requests and responses.
- View and edit encrypted requests.
- Decrypt multiple requests.
- Run Burp Scanner, sqlmap, Intruder brute force, and other automated operations.
- Automatic encryption of requests on the fly.
- Complete freedom in creating encryption and decryption logic.
- Support for encryption and decryption using a key and initialization vector (IV) from the request headers or body.
Installing PyCript
It can be installed via the Burp Suite BApp Store or manually.
Manual installation
Download the PyCript repository from GitHub:
Code:
git clone https://github.com/Anof-cyber/PyCript
Alternatively, download the repository as a zip archive. Unzip the contents of the zip file if you choose this download method.
Open Burp Suite and go to the Extender tab.
Click the Add button to add a new extension.
In the Extension Type field, select Python.
Click Select file and locate the pycript.py file in the repository you downloaded.
Click Open to load the PyCript extension into Burp Suite.
The PyCript extension should now appear in the Extensions tab in Burp Suite.
Choosing a programming language
Since version 0.4, PyCript supports multiple languages and allows you to run scripts without requiring the language to be present in your system environment. In earlier versions, you had to select a language from a drop-down list (Python, Java, or Node.js), and the extension expected them to be available in your system environment so that they could be called from any terminal.
PyCript now allows you to choose language executables, such as python.exe or go.exe, depending on the operating system.
There are two options:
- Click the Select Language Binary Path button and select the language executable file.
- Or paste the full path directly into the text field.
If you see a "command not found" error (e.g. python not found, although installed), specify the full path to the executable file. If the language is in the system environment, it is enough to enter python, python3, go, node, etc.
- If you are using a bash script, it is enough to specify bash or choose the path to a shell, such as /bin/sh or /bin/bash.
- For a PowerShell script, specify powershell.exe -File.
- For Java, you can simply select the full path to the executable file or enter java.
- If you are using compiled binaries (C, C++, Go, etc.), just leave the field blank - the extension will launch the executable file directly.
You cannot use different languages for encryption and decryption (for example, encryption in Python and decryption in Java). Both processes must be performed in the same language.
Example of using PyCript
The Config tab allows you to configure encryption and decryption of requests and responses. You can choose what to apply encryption/decryption to: requests, responses, or both. You can also specify the preferred programming language and upload files for encryption/decryption.
Example request:
Code:
POST /api/getuser HTTP/1.1
Host: 127.0.0.1:8000
Accept-Encoding: gzip, deflate
Accept: */*
Accept-Language: en-US;q=0.9,en;q=0.8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Connection: close
Cache-Control: max-age=0
Content-Type: application/json
Content-Length: 24

AEIwJOtaQXdO9qzIJFIhEQ==
In the Additional Settings tab you can configure the following parameters:
- Language: Selectable for encryption and decryption.
- Encryption Method: Available only for request settings, used to encrypt GET parameters or the request body.
- Encryption/Decryption for: Configurable for requests, responses, or both.
- Files for request/response encryption: You can select the appropriate files depending on the selected language.
The Auto Encrypt feature (YouTube demo) allows you to automatically encrypt requests in Burp Suite, which is especially useful for automated scans such as Burp Suite Active Scan or sqlmap.
The PyCript menu also provides functions for quickly encrypting and decrypting strings and requests via the Burp Suite context menu.
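The example request above, seen from the inspection side. This is an added example, not part of the original post or of PyCript: it parses the request, checks the declared length, and shows that the body declared as JSON is a single base64-encoded 16-byte block. The 16-byte block size and the plaintext comparison request are assumptions made for the example.

```python
import base64
import binascii
import json

# The article's example request with the header/body blank line restored;
# headers the check does not need are omitted.
RAW_REQUEST = (
    "POST /api/getuser HTTP/1.1\r\n"
    "Host: 127.0.0.1:8000\r\n"
    "Content-Type: application/json\r\n"
    "Content-Length: 24\r\n"
    "\r\n"
    "AEIwJOtaQXdO9qzIJFIhEQ=="
)
# Constructed plaintext request for comparison (not from the article).
PLAIN_REQUEST = (
    "POST /api/getuser HTTP/1.1\r\n"
    "Host: 127.0.0.1:8000\r\n"
    "Content-Type: application/json\r\n"
    "Content-Length: 9\r\n"
    "\r\n"
    '{"id": 1}'
)
BLOCK_SIZE = 16  # assumption: AES-sized blocks; the article does not name the cipher


def split_request(raw):
    """Return (headers with lower-cased names, body) for a raw HTTP request."""
    head, _, body = raw.partition("\r\n\r\n")
    headers = {}
    for line in head.split("\r\n")[1:]:  # skip the request line
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return headers, body


def inspect_body(raw):
    """Report what a body-inspecting control (WAF, scanner) can see."""
    headers, body = split_request(raw)
    report = {"length_ok": int(headers.get("content-length", -1)) == len(body.encode())}
    try:
        json.loads(body)
        report["is_json"] = True
    except ValueError:
        report["is_json"] = False  # Content-Type says JSON, body is not
    try:
        blob = base64.b64decode(body, validate=True)
        report["decoded_len"] = len(blob)
    except (binascii.Error, ValueError):
        report["decoded_len"] = None
    n = report["decoded_len"]
    report["block_aligned"] = bool(n) and n % BLOCK_SIZE == 0
    return report
```

Because a body-inspecting control sees only this opaque block, input validation and authorization have to run on the server after decryption.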