Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Macros with Dynamic URL

Michael | Last updated: Aug 01, 2018 01:46AM UTC

How can this be done with BURP? I can get the macro working if the URLs are always the same but I'm stuck now that my POST requires a dynamic URL. Trying to do this with Macro/Extension: GET - www.domain.com where a POST form with username and password inputs contains a generated URL. POST - pass username and password to the POST form to the generated URL.

PortSwigger Agent | Last updated: Aug 01, 2018 08:55AM UTC

This isn't supported in core Burp. I have written an extension for you that should allow you to do this: - https://github.com/pajswigger/dynamic-url-macro Please let me know how you get on with this.

Burp User | Last updated: Aug 14, 2018 01:15AM UTC

Hi Paul, Sorry for the delay. Thanks for writing up an extension. I follow the instructions exactly where I created a macro containing one GET and one POST. I created a rule in session handling to invoke the extension for the Macro with one get and one post. I used the session tracker and saw the macro was triggered, but the rule to invoke the extender doesn't seem to be able to extract the action path from the form because in the POST it is still using the recorded path.

PortSwigger Agent | Last updated: Aug 15, 2018 12:31PM UTC