Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Burp Suite - Intruder

0xxen | Last updated: Oct 08, 2024 08:04AM UTC

Hi, I'm recently trying to solve the Business Logic Lab (https://portswigger.net/web-security/logic-flaws/examples/lab-logic-flaws-low-level). After many tries, I couldn't solve the lab and when I try to follow and understanding the lab through the Solution and Community Solutions, it must using Burp's intruder with Null Payloads. But, the problem is when using the Burp version 2024.9, when we want to set Null Payloads in the new layout of intruder tab, its so confusing and could not be done because we must set a payload position first then set type of payloads. If we follow the solution, it can be set to Null Payload directly without need to set the payload position. If we set payload position first and set Null Payloads, the intruder do not work properly as we set to using Null Payloads. Hope you understand the problem and have a fix about this issue. Thank you.

Hannah, PortSwigger Agent | Last updated: Oct 14, 2024 02:53PM UTC

Hi We are aware that this change to the payloads tab has meant that you cannot use a null attack with no payload position. We're planning to change this in an upcoming version of Burp. You should still be able to complete this lab similarly by adding a payload position. The null payloads can still be continued indefinitely in the same way, just with a single payload position.

0xxen | Last updated: Oct 15, 2024 03:07AM UTC