Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Intruder view original payload in the results

bogdan84 | Last updated: Oct 02, 2015 01:22PM UTC

Hello! How can i do to view original payload in the results table intruder, before Processing payload rules. I try to do this: [code="python"] def processHttpMessage(self, toolFlag, messageIsRequest, messageInfo): if not messageIsRequest and self._callbacks.TOOL_INTRUDER == toolFlag: messageInfo.setComment("original payload") [/code] But comment column is empty on the every items request/response, however if change TOOL_INTRUDER to TOOL_PROXY now i can view string "original payload" in the proxy results. Sorry, for my bad english, and Thanks!

PortSwigger Agent | Last updated: Oct 05, 2015 08:25AM UTC

Thank for this feedback. You're right, there is a bug in Intruder whereby API-driven annotations (comments and highlights) are not correctly applied to the Intruder results and so don't appear in the UI. We'll get this problem fixed in the next minor update to Burp.

Burp User | Last updated: Oct 06, 2015 06:45AM UTC

Thanks for the reply Dafydd Stuttard! I think problem has in Create New Window, when Intruder is starting attack.

PortSwigger Agent | Last updated: Oct 06, 2015 12:17PM UTC

We've fixed the issue with API-driven annotations not being correctly applied to Intruder attack results. Thanks again for your feedback and let us know if you run into any other problems.

Burp User | Last updated: Oct 06, 2015 06:13PM UTC

Okay!

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.