Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

websocket history garbled text

3iyakebouty | Last updated: Mar 18, 2024 09:10AM UTC

Only websockethistory is garbled. httphistory and others are not garbled. How can I fix the garbled websockethistory? I'm attaching a photo. https://app.box.com/s/7tld09810h7l11wy5feq8z6gt81lu828 https://app.box.com/s/6ypqef8ahtmbp3ckynwdwdnox263u0y3

Hannah, PortSwigger Agent | Last updated: Mar 18, 2024 02:08PM UTC

Hi Is your WebSocket connection sending multi-byte characters or binary data?

3iyakebouty | Last updated: Mar 19, 2024 01:20AM UTC

Hi That's right,multi-byte

3iyakebouty | Last updated: Mar 19, 2024 11:58AM UTC

How can I display the text without garbling?

Hannah, PortSwigger Agent | Last updated: Mar 19, 2024 02:24PM UTC

Hi Are you able to send a copy of what the message should display? Is the direction of this message Client to Server or Server to Client? Do you have any extensions installed in Burp? If you disable all extensions, does this behavior stay the same?

3iyakebouty | Last updated: Mar 20, 2024 01:13AM UTC

Hi I tried to copy it, but the garbled text won't let me paste the copy properly. This is a request from the client to the server But in either case, it's garbled.

3iyakebouty | Last updated: Mar 20, 2024 04:43AM UTC

I was able to copy As follows ��search__users��Y,!t@�TESS(� please treat me favorably

3iyakebouty | Last updated: Mar 20, 2024 12:31PM UTC

I deleted all the extensions, but no luck.

Hannah, PortSwigger Agent | Last updated: Mar 20, 2024 04:17PM UTC

Thanks for that information. I've tested providing multi-byte characters through a WebSocket connection on one of our Web Academy labs (https://portswigger.net/web-security/websockets/lab-manipulating-messages-to-exploit-vulnerabilities), and it is successfully displayed in the WebSockets message editor. Could you try this out and see if this displays correctly for you? If you toggle the "Show non-printable characters" option, are there any byte characters displayed?

3iyakebouty | Last updated: Mar 21, 2024 09:20AM UTC

Thanks for the offer. The lab you provided shows multibyte just fine, so it may be in binary format. Can't I get it to display correctly if it's in binary format?

Hannah, PortSwigger Agent | Last updated: Mar 21, 2024 01:22PM UTC

Binary data isn't really representable in a String format - we'd recommend enabling non-printable character view, or taking a look at the raw data using the Hex tab view.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.