Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

disable Payload encoding and auto load payloads through API

ragu | Last updated: Feb 03, 2015 08:25AM UTC

It would be nice if the payloads get automatically loaded from custom file when invoking sendToIntruder method and API method to disable URL encode these characters through API. Thereby launching the attack through API

PortSwigger Agent | Last updated: Feb 03, 2015 09:05AM UTC

It's in our roadmap to provide an API to allow extensions to configure the details of Intruder attacks and launch them programmatically. We can't currently provide an ETA for this feature, sorry. If you want to repeat an attack numerous times using the same payload list on a different base request template, you can use the Option at Intruder menu / New tab behavior / Copy configuration from first tab, and then configure your payloads and other settings once in the first tab. They will be copied to each newly created tab.

Burp User | Last updated: Feb 03, 2015 10:15AM UTC

Thank you ! I am getting the payloads by copy configuration from first tab but I disabled the URL encoding in the first tab and its not getting disabled in the new tabs. can u please help me sorting it out this

PortSwigger Agent | Last updated: Feb 03, 2015 01:32PM UTC

In our testing, the option to URL-encode payloads is being copied from the first tab to a newly created tab, if you have enabled the "Copy configuration from first tab" option.

Burp User | Last updated: Apr 25, 2016 02:46AM UTC

Your answer saved my life ,while i used to use url-decode payload processor to handle this issue? My question is that simple list paylad tab cannot paste unicode words like Chinese '???',it woud be nice if add a unicode url encoding functionality to %e6%af%9b%e6%b3%bd%e4%b8%9c?you can refer http://tool.chinaz.com/tools/urlencode.aspx,thanks ,burp suite is the greatest http fuzz tools !

Burp User | Last updated: Apr 25, 2016 03:05AM UTC

I got a hack method ,URL-encode these charactoers,but it still can not dispayl properly?

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.