From ddca03f64a6574e50343f620af3d34468a4d44df Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bendeg=C3=BAz=20Nagy?=
Date: Wed, 30 Oct 2019 08:44:35 +0100
Subject: [PATCH 1/3] Fix reading burplog payloads The burplog.py payload type improperly passes an str as the response_content to FuzzRequest::update_from_raw_http as the method is expecting a bytes object. However, the method is not consistent as it expects str for the request content (raw parameter) and a bytes object for the response_content parameter. The method now won't try to decode str objects.
---
src/wfuzz/fuzzobjects.py | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/wfuzz/fuzzobjects.py b/src/wfuzz/fuzzobjects.py
index caaf30b7..b3c514d4 100644
--- a/src/wfuzz/fuzzobjects.py
+++ b/src/wfuzz/fuzzobjects.py
@@ -339,7 +339,8 @@ def update_from_raw_http(self, raw, scheme, raw_response=None, raw_content=None)
 if raw_response:
 rp = Response()
- raw_response = python2_3_convert_from_unicode(raw_response.decode("utf-8", errors='surrogateescape'))
+ if not isinstance(raw_response, str):
+ raw_response = python2_3_convert_from_unicode(raw_response.decode("utf-8", errors='surrogateescape'))
 rp.parseResponse(raw_response, raw_content)
 self._request.response = rp
From fcbd3894ad6ce958fcab25773f6e0f4c1ca2de8c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bendeg=C3=BAz=20Nagy?=
Date: Wed, 30 Oct 2019 09:48:27 +0100
Subject: [PATCH 2/3] Feature: add parsing items saved from Burpsuite We can save requests/responses from Burpsuite via rightclick save item(s). They can now be read with '-z burpitem,file'.
---
src/wfuzz/plugins/payloads/burpitem.py | 67 ++++++++++++++++++++++++++
1 file changed, 67 insertions(+)
create mode 100644 src/wfuzz/plugins/payloads/burpitem.py
diff --git a/src/wfuzz/plugins/payloads/burpitem.py b/src/wfuzz/plugins/payloads/burpitem.py
new file mode 100644
index 00000000..e278333f
--- /dev/null
+++ b/src/wfuzz/plugins/payloads/burpitem.py
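Review bot: In `update_from_raw_http` (src/wfuzz/fuzzobjects.py, patch 1/3) the new guard `if not isinstance(raw_response, str):` depends on the interpreter: on Python 2 `str` is the byte-string type, so byte responses would now skip the decode they previously got, and the `python2_3_convert_from_unicode` call on the next line suggests Python 2 is still a target. Testing for the type that actually needs decoding, `if isinstance(raw_response, bytes):`, keeps the old behaviour there and still lets a Python 3 `str` through untouched. A short comment such as `# raw_response may be bytes (decoded here) or already-decoded text` would record the contract the commit message describes. The method body starts and ends outside this hunk.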
@@ -0,0 +1,67 @@
+import pickle as pickle
+import gzip
+
+from wfuzz.externals.moduleman.plugin import moduleman_plugin
+from wfuzz.exception import FuzzExceptBadFile
+from wfuzz.fuzzobjects import FuzzResult, FuzzRequest
+from wfuzz.plugin_api.base import BasePayload
+from wfuzz.utils import rgetattr
+import xml.etree.cElementTree as ET
+from base64 import b64decode
+
+
+@moduleman_plugin
+class burpitem(BasePayload):
+ name = "burpitem"
+ author = ("Bendegúz Nagy (@PaperTsar)",)
+ version = "0.1"
+ description = (
+ "This payload loads request/response from items saved from Burpsuite."
+ )
+ summary = "This payload loads request/response from items saved from Burpsuite."
+ category = ["default"]
+ priority = 99
+
+ parameters = (
+ ("fn", "", True, "Filename of a valid Burp item file."),
+ ("attr", None, False, "Attribute of fuzzresult to return. If not specified the whole object is returned."),
+ )
+
+ default_parameter = "fn"
+
+ def __init__(self, params):
+ BasePayload.__init__(self, params)
+
+ self.__max = -1
+ self.attr = self.params["attr"]
+ self._it = self._gen_burpitem(self.params["fn"])
+
+ def __iter__(self):
+ return self
+
+ def count(self):
+ return self.__max
+
+ def __next__(self):
+ next_item = next(self._it)
+
+ return next_item if not self.attr else rgetattr(next_item, self.attr)
+
+ def _gen_burpitem(self, output_fn):
+ try:
+ tree = ET.parse(self.find_file(output_fn))
+ for item in tree.getroot().iter('item'):
+ fr = FuzzRequest()
+ fr.update_from_raw_http(raw=b64decode(item.find('request').text or "").decode('utf-8'),
+ scheme=item.find('protocol').text,
+ raw_response=b64decode(item.find('response').text or ""))
+ fr.wf_ip = {'ip': item.find('host').attrib.get('ip', None) or item.find('host').text,
+ 'port': item.find('port').text}
+ frr = FuzzResult(history=fr)
+
+ yield frr.update()
+ return
+ except IOError as e:
+ raise FuzzExceptBadFile("Error opening Burp items payload file. %s" % str(e))
+ except EOFError:
+ return
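Review bot: `_gen_burpitem` parses an exported Burp file, which holds captured and possibly third-party traffic, but handles only `IOError` and `EOFError`: `ET.parse` raises `ET.ParseError` on malformed XML, `b64decode` and `.decode('utf-8')` raise on bad or binary data, and a missing `<request>` or `<host>` element makes `item.find(...)` return None, so each of these surfaces as a raw traceback instead of `FuzzExceptBadFile`. The request is decoded strictly while `update_from_raw_http` decodes the response with `errors='surrogateescape'`, so one request with a non-UTF-8 body aborts the whole iteration. `import pickle as pickle`, `import gzip` and `except EOFError` look like leftovers from another payload and can be dropped, and `xml.etree.cElementTree` is a deprecated alias, so `import xml.etree.ElementTree as ET` is the supported spelling. The standard-library parser is documented as not hardened against maliciously constructed documents, which is worth stating in the plugin description for files received from other people. A possible shape for the parsing part is below; patch 3/3 reverts this file, so this applies to a resubmission.

```python
    def _gen_burpitem(self, output_fn):
        try:
            tree = ET.parse(self.find_file(output_fn))
        except (IOError, ET.ParseError) as e:
            raise FuzzExceptBadFile("Error opening Burp items payload file. %s" % str(e))

        for item in tree.getroot().iter('item'):
            try:
                raw_request = b64decode(item.findtext('request') or "").decode('utf-8')
                raw_response = b64decode(item.findtext('response') or "")
                host = item.find('host')
                ip = host.attrib.get('ip', None) or host.text
            except (AttributeError, TypeError, ValueError) as e:
                # Missing elements, bad base64 and undecodable bytes all mean a malformed item.
                raise FuzzExceptBadFile("Malformed item in Burp items payload file. %s" % str(e))
            # … as before: build FuzzRequest from raw_request/raw_response, set wf_ip from ip and port, yield frr.update() …
```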
From 58e1f40ffe81be44ecccd7356ee539e0908758bf Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bendeg=C3=BAz=20Nagy?=
Date: Wed, 30 Oct 2019 09:56:37 +0100
Subject: [PATCH 3/3] Revert "Feature: add parsing items saved from Burpsuite" This reverts commit fcbd3894ad6ce958fcab25773f6e0f4c1ca2de8c.
---
src/wfuzz/plugins/payloads/burpitem.py | 67 --------------------------
1 file changed, 67 deletions(-)
delete mode 100644 src/wfuzz/plugins/payloads/burpitem.py
diff --git a/src/wfuzz/plugins/payloads/burpitem.py b/src/wfuzz/plugins/payloads/burpitem.py
deleted file mode 100644
index e278333f..00000000
--- a/src/wfuzz/plugins/payloads/burpitem.py
+++ /dev/null
@@ -1,67 +0,0 @@
-import pickle as pickle
-import gzip
-
-from wfuzz.externals.moduleman.plugin import moduleman_plugin
-from wfuzz.exception import FuzzExceptBadFile
-from wfuzz.fuzzobjects import FuzzResult, FuzzRequest
-from wfuzz.plugin_api.base import BasePayload
-from wfuzz.utils import rgetattr
-import xml.etree.cElementTree as ET
-from base64 import b64decode
-
-
-@moduleman_plugin
-class burpitem(BasePayload):
- name = "burpitem"
- author = ("Bendegúz Nagy (@PaperTsar)",)
- version = "0.1"
- description = (
- "This payload loads request/response from items saved from Burpsuite."
- )
- summary = "This payload loads request/response from items saved from Burpsuite."
- category = ["default"]
- priority = 99
-
- parameters = (
- ("fn", "", True, "Filename of a valid Burp item file."),
- ("attr", None, False, "Attribute of fuzzresult to return. If not specified the whole object is returned."),
- )
-
- default_parameter = "fn"
-
- def __init__(self, params):
- BasePayload.__init__(self, params)
-
- self.__max = -1
- self.attr = self.params["attr"]
- self._it = self._gen_burpitem(self.params["fn"])
-
- def __iter__(self):
- return self
-
- def count(self):
- return self.__max
-
- def __next__(self):
- next_item = next(self._it)
-
- return next_item if not self.attr else rgetattr(next_item, self.attr)
-
- def _gen_burpitem(self, output_fn):
- try:
- tree = ET.parse(self.find_file(output_fn))
- for item in tree.getroot().iter('item'):
- fr = FuzzRequest()
- fr.update_from_raw_http(raw=b64decode(item.find('request').text or "").decode('utf-8'),
- scheme=item.find('protocol').text,
- raw_response=b64decode(item.find('response').text or ""))
- fr.wf_ip = {'ip': item.find('host').attrib.get('ip', None) or item.find('host').text,
- 'port': item.find('port').text}
- frr = FuzzResult(history=fr)
-
- yield frr.update()
- return
- except IOError as e:
- raise FuzzExceptBadFile("Error opening Burp items payload file. %s" % str(e))
- except EOFError:
- return