Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

extract uploaded image from burp http history

Paulius | Last updated: Jan 25, 2021 12:23PM UTC

Hello, anyone knows how to extract the image from burp history after it was uploaded earlier. Thanks!

Uthman, PortSwigger Agent | Last updated: Jan 25, 2021 02:16PM UTC

Hi Paulius, What is the MIME type and file extension of the image? Are you trying to download e.g. a JPEG? (This would be a binary file)

Paulius | Last updated: Jan 26, 2021 07:00AM UTC

Hi Uthman, thanks for reply. Its content-disposition: form-data; name="file"; filename="map.gif" content-type: image/gif Thanks!

Paulius | Last updated: Jan 26, 2021 07:00AM UTC

Hi Uthman, thanks for reply. Its content-disposition: form-data; name="file"; filename="map.gif" content-type: image/gif Thanks!

Uthman, PortSwigger Agent | Last updated: Jan 26, 2021 10:50AM UTC

You should have all the binary in the response. Have you tried saving that to a file and changing the file information to the proper type?

John | Last updated: Apr 02, 2023 09:15PM UTC

I know I'm grave digging, but how did you end up doing it? I'm facing a similar situation where the uploaded file has been deleted and I need to retrieve it from burp's history. Copying and saving the binary as a jpg creates a bad file that doesn't load with any picture viewer.

Hannah, PortSwigger Agent | Last updated: Apr 03, 2023 09:06AM UTC

It may require some modification, but you can find an extension that saves browsed images to a file here: https://github.com/Hannah-PortSwigger/SaveBrowsingImages Is it definitely a JPEG file type?

John | Last updated: Apr 03, 2023 09:40AM UTC

Yes, from the content-type, it's definitely a jpeg. I would have loved to modify that extension to parse requests as opposed to responses, but I have no knowledge of Java. I'm a Python/JavaScript person.

Hannah, PortSwigger Agent | Last updated: Apr 03, 2023 10:53AM UTC

Hi That particular extension is written in Python, using the legacy Extender API (you can find this here: https://portswigger.net/burp/extender/api/). When you saved the data as a file, did you copy/paste out the information from Burp, or did you select the image data, right-click and use the "Copy to file" context menu option (please note that you need to specify a file type)?

John | Last updated: Apr 03, 2023 12:40PM UTC

Ah! Stupid me, I was copying the data manually and saving the url decoded value in a file. I used the context menu, saved it as a jpg and I have the valid file now. Thank you Hannah, you just saved me here!

Hannah, PortSwigger Agent | Last updated: Apr 03, 2023 12:48PM UTC