Research Academy Daily Swig
My account Customers About Blog Careers Legal Contact

Burp Suite User Forum

Login to post

Cannot set up Chromium DevTools overrides in embedded browser

Carl | Last updated: Oct 14, 2020 05:14PM UTC

When I open DevTools -> Sources -> Overrides and select a new folder for overrides, I get the prompt "DevTOols requests full access to [path...]". I click Allow, and then nothing happens. I do not have this issue with Chrome 85 on the same system.

Uthman, PortSwigger Agent | Last updated: Oct 15, 2020 07:23AM UTC

Hi Carl, Can you clarify what you are trying to do, please?

Carl | Last updated: Oct 16, 2020 01:54PM UTC

Please refer to Google's documentation on this feature: https://developers.google.com/web/updates/2018/01/devtools Specifically, the instructions copied from the above link: To set up Local Overrides: 1. Open the Sources panel. 2. Open the Overrides tab. 3. Click Setup Overrides. 4. Select which directory you want to save your changes to. 5. At the top of your viewport, click Allow to give DevTools read and write access to the directory. 6. Make your changes. The issue is that after step 5, the newly added directory should appear in the Overrides tab, and the user could proceed with using the Overrides feature. This is not the case for the Burp embedded browser. I originally discovered this issue in Burp Pro 2020.9.2 on Windows 10, and just now was able to reproduce in Burp Community 2020.9.1 on Kali.

Uthman, PortSwigger Agent | Last updated: Oct 16, 2020 02:37PM UTC

Thanks a lot. The embedded browser is launched with a lot of default command-line parameters. One of these is --disable-file-system, which I presume is causing your issue. Our development team will look into this further to determine which parameters are appropriate for the proxy browser and which are appropriate for the crawl.

Carl | Last updated: Oct 16, 2020 04:37PM UTC

Thanks for the update. The overrides feature is a great way for a pentester to modify javascript on the fly. It would be great if the Burp browser can support it.

You need to Log in to post a reply. Or register here, for free.