Burp Suite User Forum

Login to post

Domain with underscore gives error

Raf | Last updated: Aug 12, 2022 03:34PM UTC

I am trying to perform some tests on a website which domain name contains the underscore character '_' , the browser throws a 'ERR_SSL_PROTOCOL_ERROR', it doesn't even intercept requests made to the website and the only workaround is to manually substitute the domain name with the IP address before making the request.

Michelle, PortSwigger Agent | Last updated: Aug 12, 2022 03:45PM UTC

Thanks for getting in touch. Can you confirm which version of Burp you are using and which of the tools you were using within Burp, please? Are you happy to share some screenshots with us, if so can you send them over to support@portswigger.net, please?

Yvonneeeee | Last updated: Nov 08, 2022 02:36AM UTC

same question! Is there any update information

Michelle, PortSwigger Agent | Last updated: Nov 08, 2022 09:13AM UTC

Thanks for getting in touch. So that we can check if this matches a scenario we already have logged, can you please confirm the following: - The version of Burp Suite you are using - The URL that is causing issues (if this is something you are able to share, if you would prefer to share this with us directly, please email it to support@portswigger.net) - Any errors that are displayed in Burp when you try to connect to this URL - Whether you are experiencing this issue when browsing to the site using Burp's Proxy or whether you are using a different tool within Burp

Gem | Last updated: Dec 09, 2022 09:38PM UTC

Seeing this same behavior on domains with an underscore (_): This site can’t provide a secure connection test_test.example.com sent an invalid response. ERR_SSL_PROTOCOL_ERROR Burp v2022.11.4

Michelle, PortSwigger Agent | Last updated: Dec 12, 2022 10:08AM UTC

Thanks for getting in touch. Underscores should not generally be forming part of dNSNames and the phasing out of underscore characters is described here: https://cabforum.org/2018/11/12/ballot-sc-12-sunset-of-underscores-in-dnsnames/ How often are you coming up against this issue? Which tool are you using within Burp when you have problems?

Niv | Last updated: Jan 06, 2023 12:13PM UTC

Hello PortSwigger team, During a recent penetration testing engagement, I encountered a problem with intercepting HTTP traffic when using the new version of Burp Suite. This issue appeared when attempting to handle domain names containing underscore, as the tool could not handle them properly. After experimenting with various approaches, I discovered that using an older version of Burp Suite (burpsuite_pro_v2022.11.4.jar) in conjunction with JDK-11.0.17+8 allowed me to successfully intercept requests to a domain name containing the underscore (that is non-compliant with RFC standards). Additionally, I found that the Intruder tool could initiate requests to this domain name without issue, even when it contained an underscore. Thank you, Niv

Niv | Last updated: Jan 06, 2023 12:17PM UTC

I want to clarify that I made a mistake in my previous comment. The correct tool I was referring to is the Repeater tool, not the Intruder tool. Best regards, Niv

Liam, PortSwigger Agent | Last updated: Jan 06, 2023 02:18PM UTC

Thanks for clarifying, Niv. We'll consider your comments and update the thread in due course.

Liam, PortSwigger Agent | Last updated: Jan 09, 2023 09:37AM UTC

We've discussed this internally. For Burp Proxy, Java takes care of the TLS handshake; we're pretty restricted in what we can do with inbound requests. It might be possible to use older versions of Burp/Java as a workaround, but this isn't something we have tested. We can work around these restrictions for outbound requests (Repeater, Scanner, etc.).

Adastra | Last updated: Jul 19, 2023 08:24PM UTC

Same issue here. I've just acquired the PRO version of Burp Suite to perform a pentest for my client and domain contains underscores "_" and the Browser returns ERR_SSL_PROTOCOL_ERROR In the dashboard I can see a message error from the Proxy, it says "Illegal server name, type)host_name{0}" I've tried Java 17, 18, 19 and 20 with the latest versión of Burp Pro (2023.6.2). Same results in every case. ¿Some solution or recommendation? Regards.

Adastra | Last updated: Jul 20, 2023 06:56AM UTC

UPDATE: I've tried to use the latest ZAP version with Java 17, 18, 19 and 20 and works perfectly in every case, no errors when I want to access to the domain with underscore "_". So, I guess this is not a problem in Java in any version, seems it's a problem in Burp Suite Pro

Dominyque, PortSwigger Agent | Last updated: Jul 21, 2023 07:35AM UTC

Hi Adastra Can you please email support@portswigger.net with the following: - Screen recording of the browser error you receive in Burp when it fails - Screen recording of it working in Zap, please

You need to Log in to post a reply. Or register here, for free.