Burp Suite User Forum

Collaborator payloads in Intruder fuzzing does not work

Piotr | Last updated: Dec 07, 2023 08:36AM UTC

Hi, the case is as follows: I am using Intruder with the "Fuzzing - full" dictionary and I've set payload processing: "Replace [base] with base value of payload position", "Replace [domain] with collaborator interaction id" and "URL-encode key characters". Once, I took one of the Collaborator payloads generated during fuzzing with Intruder and used it in curl and a web browser to check if the collab payload works (with both http and https). I noticed that none of the requests were captured by the Collaborator tool. I've run the Collaborator health check and everything works fine. Right now it seems that the out-of-band check during fuzzing with Intruder doesn't work ...

Michelle, PortSwigger Agent | Last updated: Dec 07, 2023 10:31AM UTC

Hi, in the Intruder attack window, do you see the number in the Interactions column increase when you are checking to see if the payload works? If it helps to send screenshots, feel free to email them to support@portswigger.net.

Piotr | Last updated: Dec 07, 2023 10:41AM UTC

Thank you for the answer. Yes, I can confirm that the "Interactions" column showed the exact number of requests sent to Collaborator. It's a pity that such information is not shown in the Collaborator tab. Is there an option to show such information (about interactions) in detail rather than just a simple number?

Michelle, PortSwigger Agent | Last updated: Dec 07, 2023 10:46AM UTC

If you select the row in the Attack results table that has interactions, you will be able to see the requests and responses for the Collaborator interactions. Displaying these with the attack results allows you to pinpoint which of the attack payloads resulted in the interactions more easily, especially if it is a large Intruder attack.

Piotr | Last updated: Dec 07, 2023 10:59AM UTC

I can see it. Thank you for the help. Maybe it's a good topic for a short YouTube tutorial? I have been working with Burp for years and I didn't know about this awesome feature ;)

Michelle, PortSwigger Agent | Last updated: Dec 08, 2023 08:49AM UTC

Thanks for the feedback. The feature does get a brief mention here: https://portswigger.net/burp/documentation/desktop/tools/intruder/results/viewing-results

We'll bear this in mind though for when we're choosing examples for future videos :)
