Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Charset problem in intruder

Ahmed | Last updated: Apr 05, 2023 10:40PM UTC

I am testing an app which, in the app, some http requests contains Turkish characters. When i send the request to the repeater there is no problem. But if i send it to intruder i am facing with charset problems. On repeater: İSTANBUL BEŞİKTAŞ On intruder: Ä°STANBUL BEŞİKTAÅž I tried to change Settings -> User Interface -> Inspector and message editor -> Charset sets -> Use spesific character set to "UTF-8". Also i reset the burp settings. But nothing worked. In addition i am trying to write an extension. 1. Get request: helpers.bytesToString(currentRequest.getRequest()) 2. Get request info: IRequestInfo requestInfo = helpers.analyzeRequest(currentRequest.getRequest()); 3. Get request body: String messageBody = request.substring(requestInfo.getBodyOffset()) 4. Build http message: byte[] updateMessage = helpers.buildHttpMessage(headers, messageBody.getBytes()) 5. currentRequest.setRequest(updateMessage) Basicly, i get request body in a string format. And i update the request without modifying the string. But burp can't proccess the turkish character with buildHttpMessage function eventhough string is defined with "UTF-8" charset. The similar charset problem occurs i mentioned above. I found a workaround. I don't convert byte array request to the string. I am parsing byte array directly to obtain http body. However, this is still a bug.

Ahmed | Last updated: Apr 06, 2023 10:12AM UTC

Were you able to reproduce the issue? This is huge problem for us.

Hannah, PortSwigger Agent | Last updated: Apr 11, 2023 04:09PM UTC

Hi In Repeater, if you change the view to "Hex" and then back to "Pretty" or "Raw", does the data also get modified?

Ahmed | Last updated: Apr 12, 2023 11:22AM UTC

No, the data remains the same. This happens only if i send the request to the intruder. I asked my friends to test this behavior. They had the same issue.

Hannah, PortSwigger Agent | Last updated: Apr 14, 2023 09:28AM UTC