Burp Suite User Forum

intruder recursive grep

Scott | Last updated: Sep 26, 2016 08:08PM UTC

Hello,

tl;dr: Can Intruder Recursive Grep payload value for "Request 1" be extracted from "Request 0"?

Testing an application that uses a unique CSRF token on each request and kills the session on an incorrect value. Trying to set up Intruder with recursive grep to populate the token. The problem is that I only know the valid CSRF value for the next request, and all subsequent values should be extracted from the previous request.

Putting the current valid value in the Payload position results in a successful "Request 0" and the next value is extracted properly from request 0, but the extracted value is not substituted into request 1 because request 1 wants to use the value you put in "Initial value for first request".

If I leave "Initial value for first request" blank, nothing is put in for request 1 and the session is invalidated. But if I put the known current expected value in "Initial value for first request", it gets burned in request 0 and is no longer valid for request 1, so the session gets invalidated. Catch-22.

Burp User | Last updated: Sep 26, 2016 08:17PM UTC

Solved: Uncheck "Make unmodified baseline request" in options tab.
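
The token chain from this thread, modelled as an added example (not part of either post and not Burp's own code). `TokenApp`, `run` and the `csrf` field name are constructed for illustration, and the baseline behaviour follows the description in the question: request 0 spends the known token, then request 1 reuses it.

```python
import re
import secrets

class TokenApp:
    """Constructed stand-in for the target: one-time CSRF token per request."""
    def __init__(self):
        self.session_alive = True
        self.expected = secrets.token_hex(8)

    def handle(self, token, value):
        # A wrong or reused token kills the session, as in the thread.
        if not self.session_alive or token != self.expected:
            self.session_alive = False
            return "HTTP/1.1 403 Forbidden\r\n\r\nsession invalidated"
        self.expected = secrets.token_hex(8)  # rotate for the next request
        return f'HTTP/1.1 200 OK\r\n\r\n<input name="csrf" value="{self.expected}">'

TOKEN_RE = re.compile(r'name="csrf" value="([0-9a-f]+)"')

def run(app, initial_token, payloads, baseline):
    """Return the status code of each request sent, in order."""
    statuses = []
    if baseline:
        # Request 0: unmodified base request carrying the known token.
        statuses.append(app.handle(initial_token, "base").split()[1])
    token = initial_token  # "Initial value for first request"
    for payload in payloads:
        resp = app.handle(token, payload)
        statuses.append(resp.split()[1])
        match = TOKEN_RE.search(resp)
        if match is None:
            break  # nothing to extract, the chain is broken
        token = match.group(1)  # recursive grep: feed into the next request
    return statuses

if __name__ == "__main__":
    for baseline in (True, False):
        app = TokenApp()
        print("baseline" if baseline else "no baseline",
              run(app, app.expected, ["a", "b", "c"], baseline))
```
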
