...

/

Extension Example 3: HTTP Proxy JWT Decoder

Extension Example 3: HTTP Proxy JWT Decoder

We will learn how to create a practical plugin that decodes JWT tokens present in the request header under the "Proxy" tab.

In this chapter, we will create a “Proxy” tab extender plugin that will decode the JWT token present in the request header and output its decoded value on the go. To achieve this functionality, we need to implement the IMessageEditorTabFactory interface and register it as we normally do.

Note: IMessageEditorTabFactory implementation function returns an IMessageEditorTab instance which tells Burp what a new tab under Burp Proxy will look like.

Implement IMessageEditorTab Interface

The IMessageEditorTab interface will tell Burp what to do in the new tab that is returned by the IMessageEditorTabFactory.

Below is an example of how the Tab class looks abstractly.

package burp;

import java.awt.*;

public class JWTDecodeTab implements IMessageEditorTab {

    private boolean editable;
    private ITextEditor txtInput;
    private byte[] currentMessage;
    private IBurpExtenderCallbacks callbacks;

    public JWTDecodeTab(IMessageEditorController controller, boolean editable) {
    }

    @Override public
...