Extension Example 3: HTTP Proxy JWT Decoder
We will learn how to create a practical plugin that decodes JWT tokens present in the request header under the "Proxy" tab.
In this chapter, we will create a “Proxy” tab extender plugin that will decode the JWT token present in the request header and output its decoded value on the go. To achieve this functionality, we need to implement the IMessageEditorTabFactory
interface and register it as we normally do.
Note:
IMessageEditorTabFactory
implementation function returns anIMessageEditorTab
instance which tells Burp what a new tab under Burp Proxy will look like.
Implement IMessageEditorTab Interface
The IMessageEditorTab
interface will tell Burp what to do in the new tab that is returned by the IMessageEditorTabFactory
.
Below is an example of how the Tab
class looks abstractly.
package burp;
import java.awt.*;
public class JWTDecodeTab implements IMessageEditorTab {
private boolean editable;
private ITextEditor txtInput;
private byte[] currentMessage;
private IBurpExtenderCallbacks callbacks;
public JWTDecodeTab(IMessageEditorController controller, boolean editable) {
}
@Override public
...