Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Issues with Upstream Proxy and Chinese Character Display in Burp Suite, and Feature Requests

stuxn3t | Last updated: May 20, 2024 06:31PM UTC

Dear Burp Suite Support Team, I am writing to report several issues I have encountered while using Burp Suite and to suggest a few feature enhancements. **Issue 1: Inaccessibility of Certain Sites with Upstream Proxy Enabled** When I enable the upstream proxy in Burp Suite, I am unable to access certain websites, such as: - https://moodle.zwu.edu.cn Additionally, requests intended for `http://127.0.0.1` are unexpectedly being sent to the upstream server. This behavior is not as expected and disrupts my workflow. **Issue 2: Chromium Browser in Burp Suite Incompatibility** I am experiencing difficulties when using the Chromium browser within Burp Suite to access certain sites, for example, sites protected by Cloudflare like: - https://chatgpt.com However, when I use my system browser configured to use Burp's proxy (`127.0.0.1:8080`), everything works normally. I suspect this may be related to TLS fingerprinting issues, but it is perplexing that my system browser works correctly while Burp's integrated Chromium browser does not. **Bug: Chinese Characters Garbled in Intruder Grep-Extract Results** When using the Intruder tool, the grep-extract results display Chinese characters as garbled text. This issue significantly impacts the readability and usability of the results for users who rely on Chinese characters. **Feature Request 1: Fallback Font Support** I would like to request the addition of fallback font support in Burp Suite. I prefer using the CodeNewRoman font, but Burp Suite currently does not display Chinese characters when this font is selected. Having the ability to specify a fallback font that supports CJK (Chinese, Japanese, and Korean) characters would greatly enhance the user experience for users like myself who work with multiple languages. **Feature Request 2: Rendering Unicode Encodings** I would also like to request a feature to render Unicode encodings (e.g., `\uxxxxx`) in response results. This would improve the readability and analysis of responses containing Unicode characters. **Feature Request 3: Local Access Restriction for Burp Suite URL** Some websites use JavaScript to check if `http://burpsuite` is accessible, which can trigger honeypots if detected. It would be beneficial to have an option to restrict access to this URL to the local machine only, preventing external detection and potential honeypot activation. Thank you for considering my feedback. I appreciate the ongoing development and support for Burp Suite and hope that these issues can be addressed in future updates. Sincerely, NEX

Michelle, PortSwigger Agent | Last updated: May 21, 2024 11:02AM UTC

Thanks for getting in touch **Issue 1: Inaccessibility of Certain Sites with Upstream Proxy Enabled** - Do you see any errors when you try to access https://moodle.zwu.edu.cn? Are you able to access other sites? - For sites such as http://127.0.0.1, have you configured a rule in your Upstream proxy server list to specify that these requests should go direct rather than via the proxy server? To do this, you would need a rule above your proxy server rule that specifies the target (e.g. 127.0.0.1) but does not specify an upstream proxy server. If you leave the proxy server setting blank, this should allow the traffic to go directly to that target. **Issue 2: Chromium Browser in Burp Suite Incompatibility** If you believe some sort of fingerprinting is taking place you can try going to Settings> Network > TLS > TLS negotiation and selecting 'Use custom protocols and ciphers', you can then change the ciphers proposed in the TLS handshake. So, for example, if you scroll down the list of selected ciphers and disable the last three (TLS_EMPTY_RENEGOTIATION_INFO, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA) this should be enough to change the fingerprint and allow you to access the site. After making this change, close all open browser windows before trying to reconnect to the site to ensure a new TLS handshake takes place. **Bug: Chinese Characters Garbled in Intruder Grep-Extract Results** Are the correct results identified but just not displayed correctly? Or when the characters are garbled, does this result in the requests not being identified properly? **Feature Request 1: Fallback Font Support** We do use fallback fonts in the background but we’ve not had many people expressing an interest in making this user-configurable. I have raised this as a feature request so we can track interest initially. **Feature Request 2: Rendering Unicode Encodings** To make sure we are understanding this request correctly, can you email support@portswigger.net with some examples and sample scenarios to explain where and how this would be helpful? **Feature Request 3: Local Access Restriction for Burp Suite URL** Are you often running Burp’s Proxy on an unprotected interface? Or do you mainly use the default localhost setting for the Proxy interface?

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.