
Using Burp Bambdas to filter proxy logs based on unmodified requests

Çağlar Arlı

A typical usage pattern for me in application testing is that I will write Python scripts to automate various attacks against endpoints &c. What I want to do is add a header to each request of the form "Script-Name: sys.argv[0]". My Burp configuration JSON file has an entry in .proxy.match_replace_rules of the form


            {
                "comment":"Strip out Script-Name Header string",
                "enabled":true,
                "is_simple_match":false,
                "rule_type":"request_header",
                "string_match":"^Script-Name: .*$"
            }

Basically the idea is to add some metadata to the requests for my purposes, but strip it out before sending it on to the remote server. (Not stripping it out has not mattered yet, but it seems like better opsec in general).

Both parts of the sequence work, and my Burp Proxy History has entries with Original and Auto-Modified requests. However, if I write a bambda search function of the form

return requestResponse.request().hasHeader("Script-Name");

I get no results. (This is also the case if I use requestResponse.finalRequest()). I can't find any way to filter based on the original request. There are ways of tagging the requests w/o that tag information being useful to the remote server (e.g. the version of Firefox in the User-Agent header could be set to some number based on the script in use), but it would be easier in general if I could just filter based on original requests.

Is there already a way to do this, or need I take this up with PortSwigger?
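
A check on the strip rule above, added here as an example and not part of the original post: it lists which spellings of the tag header the regex `^Script-Name: .*$` would leave in place, including the `Script-name` form that Python's `urllib` emits. It assumes the rule is tested against one header line at a time and case-sensitively; `TOLERANT_RULE`, the function names and the sample lines are constructed for illustration.

```python
import re
import urllib.request

# Regex copied verbatim from the match/replace rule in the post.
STRIP_RULE = re.compile(r"^Script-Name: .*$")
# Suggested variant (an assumption, not from the post): ignore case and
# do not require the space after the colon.
TOLERANT_RULE = re.compile(r"(?i)^Script-Name:.*$")


def leaked_tags(header_lines, rule=STRIP_RULE):
    """Return the Script-Name header lines that `rule` would NOT strip.

    Assumption: the rule is tested against one header line at a time and
    is case-sensitive unless the pattern says otherwise.
    """
    leaked = []
    for line in header_lines:
        name = line.split(":", 1)[0].strip().lower()
        if name == "script-name" and not rule.match(line):
            leaked.append(line)
    return leaked


def urllib_header_lines(script_name):
    """Header lines as urllib would emit them; the request is never sent."""
    req = urllib.request.Request("http://target.example/")  # constructed URL
    req.add_header("Script-Name", script_name)  # urllib re-capitalizes the name
    return [f"{k}: {v}" for k, v in req.header_items()]


# Constructed sample header lines, one per spelling a client might produce.
SAMPLE = [
    "Host: target.example",
    "Script-Name: enum_users.py",
    "script-name: enum_users.py",
    "Script-Name:enum_users.py",
]

if __name__ == "__main__":
    print("sample, rule from post:", leaked_tags(SAMPLE))
    print("urllib, rule from post:", leaked_tags(urllib_header_lines("enum_users.py")))
    print("sample, tolerant rule :", leaked_tags(SAMPLE, TOLERANT_RULE))
```

Any line this reports is a tag that would travel on to the remote server under the stated assumptions, so the client library's header casing is worth checking before relying on the rule.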