Research Academy Daily Swig
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Login to post

Find and replace with $ sign in replace not working

Jason | Last updated: Dec 16, 2021 04:13AM UTC

I am attempting to use find and replace to replace the user agent string with a jndi payload. However the dollar sign in the replacement string causes the replacement not to work. For instance: Match: ^User-Agent.*$ Replace: alzqx5cjvfzg1xi5qpl00zxi399zxo.burpcollaborator.net

Liam, PortSwigger Agent | Last updated: Dec 16, 2021 10:38AM UTC

Thanks for your message, Jason. We'll investigate and get back to you ASAP.

Liam, PortSwigger Agent | Last updated: Dec 17, 2021 11:59AM UTC

This seems to be working in our testing. Did you check the "Regex match" check box when you created the rule?

Lieven | Last updated: Dec 21, 2021 07:19PM UTC

fwiw - it looks like some characters in the replacement string needs escaping. The $ for example as mentioned in this tweet https://twitter.com/payloadartist/status/1470717447346946056?s=20

Lieven | Last updated: Dec 21, 2021 07:19PM UTC

fwiw - it looks like some characters in the replacement string needs escaping. The $ for example as mentioned in this tweet https://twitter.com/payloadartist/status/1470717447346946056?s=20

You need to Log in to post a reply. Or register here, for free.