Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Burp possibly doesn't close HTTP2 gRPC connection gracefully

skb | Last updated: Jan 11, 2023 12:49AM UTC

First of all, thank you for your great efforts to make HTTP2 available in Burp. I'm using Go gRPC example application named RouteGuide(https://github.com/grpc/grpc-go/tree/master/examples/route_guide) to check Burp can proxy HTTP2 gRPC messages. I configured burp to: - Support HTTP/2 - Default to HTTP/2 if the server supports it As a result of simple testing, I confirmed Burp seems to be able to proxy all kind of gRPC messages(unary, client/server/bidirectional streaming) and to record these messages in history. However, if Burp proxies the message, client dumps an error saying that server closed the stream without sending trailers. I guess Burp fails to close the stream gracefully (possibly failing to send trailers back to the client?). It might be I'm missing some configuration. I appreciate if you have any ideas to solve. Thank you.

Hannah, PortSwigger Agent | Last updated: Jan 11, 2023 10:12AM UTC

Hi Unfortunately, gRPC is not supported in Burp. We're also not able to send trailing headers with HTTP/2. We have an ongoing feature request for this functionality, to which we have added your +1.

Japh07 | Last updated: Jan 29, 2023 11:31PM UTC

+1

William | Last updated: Mar 16, 2023 09:50PM UTC

+1

Hannah, PortSwigger Agent | Last updated: Mar 17, 2023 09:47AM UTC

Thnks for the feedback, we've added your +1's to the ongoing feature request.

Serhat | Last updated: Apr 17, 2023 10:39AM UTC

+1

Niv | Last updated: May 14, 2023 11:56AM UTC

+1

Hannah, PortSwigger Agent | Last updated: May 15, 2023 08:38AM UTC

We've added your additional plus ones as well.

Christian | Last updated: May 15, 2023 09:24PM UTC

+1

Akram | Last updated: Jun 17, 2023 09:50PM UTC

+1

Hannah, PortSwigger Agent | Last updated: Jun 19, 2023 08:38AM UTC

Thanks for the feedback, we've added these plus ones.

Sachin | Last updated: Jun 21, 2023 05:24PM UTC

+1

Andres | Last updated: Jun 21, 2023 05:25PM UTC

+9000

Hannah, PortSwigger Agent | Last updated: Jun 22, 2023 08:15AM UTC

Thank you, we've also added these to the ongoing ticket.

Steven | Last updated: Jun 26, 2023 08:59AM UTC

+1 :)

Aleksandr | Last updated: Jul 16, 2023 05:28AM UTC

+1

Hannah, PortSwigger Agent | Last updated: Jul 17, 2023 09:02AM UTC

Thank you! We've also added these +1s.

Ali | Last updated: Sep 19, 2023 04:56PM UTC

+1 and check this https://github.com/nxenon/grpc-pentest-suite

Dominyque, PortSwigger Agent | Last updated: Sep 20, 2023 07:07AM UTC

Hi Ali I have added your interest to the feature request.

navdeep | Last updated: Oct 13, 2023 02:09PM UTC

Cool + check this https://github.com/grpc-ecosystem/awesome-grpc#tools

Vanderlei | Last updated: Dec 01, 2023 09:02AM UTC

+1

Ben, PortSwigger Agent | Last updated: Dec 01, 2023 10:36AM UTC

Thank you. We have recorded your interest in this feature and will update this forum thread if we have any further news to share.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.