crash.software
Projects
Pull Requests
Issues
Builds
param-miner
Code
Files
Commits
Branches
Tags
Pull Requests
Code Comments
Code Compare
Issues
Builds
Statistics
Child Projects
cra.sh
RESTful API
Projects STRLCPY param-miner Commits a9eabce1
🤬
  • ■ ■ ■ ■ ■ ■
    src/burp/HeaderMutationGuesser.java
    skipped 47 lines
    48 48   continue;
    49 49   }
    50 50  
    51  - if (frontError.length == 0 || noErr.length == 0) {
     51 + if (frontError == null || noErr == null || frontError.length == 0 || noErr.length == 0) {
    52 52   String host = frontErrReq.getHttpService().getHost();
    53 53   Utilities.out("Failed to fetch request while guessing mutations " + host);
    54 54   continue;
    skipped 8 lines
    63 63   IHttpRequestResponse testReqResp = this.requestHeader(baseReq, mutated);
    64 64   byte[] testReq = testReqResp.getResponse();
    65 65  
     66 + if (testReq == null) {
     67 + String host = testReqResp.getHttpService().getHost();
     68 + Utilities.out("Failed to send request to host " + host + " using mutation " + mutation + " using junk value");
     69 + continue;
     70 + }
     71 +
    66 72   // Check that:
    67 73   // 1. We have a different error than the front-end error
    68 74   // 2. We have an error at all (i.e. not the same as the base request
    skipped 2 lines
    71 77   mutated = mutator.mutate(testHeaderValid, mutation);
    72 78   IHttpRequestResponse validReqResp = this.requestHeader(baseReq, mutated);
    73 79   byte[] validResp = validReqResp.getResponse();
     80 + if (validResp == null) {
     81 + String host = validReqResp.getHttpService().getHost();
     82 + Utilities.out("Failed to send request to host " + host + " using mutation " + mutation + " with valid value");
     83 + }
    74 84   if (this.requestMatch(noErr, validResp)) {
    75 85   ret.add(mutation);
    76 86   IHttpRequestResponse[] reqs = new IHttpRequestResponse[4];
    skipped 57 lines
    134 144   }
    135 145  
    136 146   private boolean requestMatch(byte[] resp1, byte[] resp2) {
     147 + if (resp1 == null || resp2 == null) {
     148 + return false;
     149 + }
     150 +
    137 151   IResponseInfo info1 = Utilities.helpers.analyzeResponse(resp1);
    138 152   IResponseInfo info2 = Utilities.helpers.analyzeResponse(resp2);
    139 153   if (info1.getStatusCode() != info2.getStatusCode()) {
    skipped 36 lines
Please wait...
Page is in error, reload to recover