Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Intruder - Pitchfork - Payload Processing

Nounou | Last updated: Jan 25, 2021 06:49PM UTC

Hi, I think there is a problem with the Payload Processing module while using a Pitchfork attack. Indeed, the rules mentioned in this module are applied to all payloads and can only be defined once, which was not the case in version 2020.9. As a result of this, it is impossible to use two different payload processing attacks in the same requests. Would it be possible for you to confirm this bug please?

Nounou | Last updated: Jan 25, 2021 06:51PM UTC

BTW, it concerns Burpsuite Pro 2020.12.1.

Ben, PortSwigger Agent | Last updated: Jan 26, 2021 09:55AM UTC

Hi, Thank you for this. We believe that we have found the root cause of this issue and have implemented a fix that should, hopefully, be included in the next Burp release. We will update this thread to confirm when this fix has been incorporated in Burp.

Nicolas | Last updated: Jan 26, 2021 10:00AM UTC

Bug confirmed. Doh, I'll have to downgrade to 2020.9.2 :-/

Ben, PortSwigger Agent | Last updated: Feb 11, 2021 10:11AM UTC

Hi, We just wanted to let you know that the new Burp 2021.2 release should now have fixed the issue you were experiencing in Intruder.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.