Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Can I change the domain name or IP address in stored state?

Pauline | Last updated: Feb 11, 2015 09:57PM UTC

Hello? I would like to scan actively in domain name B using stored burp state when I scanned passively with domain name A. B would run the same service that A have run. Is this possible? If then, could you let me know how to do it? Thank you.

PortSwigger Agent | Last updated: Feb 12, 2015 09:12AM UTC

There are a few ways that you could achieve this: 1. If the application in the new location tolerates you sending the old Host header (usually the case when the server isn't hosting multiple domains), then you can add an entry at Options / Connections / Hostname Resolution to point the old domain name at the IP address of the new one. 2. You could write a short extension like this one (http://blog.portswigger.net/2012/12/sample-burp-suite-extension-traffic.html) to use the API to change the host of outgoing requests. You could also use the API to update the requests with a different Host header, if necessary. 3. You could chain a second instance of Burp as an upstream proxy from the first. In the second instance, you could configure host redirection at Proxy / Options / Proxy Listeners / Edit / Request Handling. You could also configure a rule at Proxy / Options / Match and Replace to rewrite the Host header, if necessary.

Maxim | Last updated: Aug 24, 2020 06:20AM UTC

I cannot use the old domain because the service that provided it has closed. is there a way to replace the old domain with a new one in the project? the above methods are a workaround but not a solution. not being able to change path easily is a problem for me. since quite often the same project is used to test different versions of the same site (dev and production for example). before, in another scanner, I simply specified the path to the desired folder and everything worked. with your software, I have to work in the same folder and constantly change its contents :(. but the real problem happened when I lost my domain name and the only visible solution to start the project from scratch. or constantly change the IP address in the built-in resolver since my test server uses the dyn dns.

Liam, PortSwigger Agent | Last updated: Aug 24, 2020 01:21PM UTC