Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Match and Replace does not seem to work correctly with CJK characters

Jackpot | Last updated: Sep 07, 2023 12:24PM UTC

I'm trying to replace a JSON which contains Japanese characters, I want to replace them with Chinese characters, then the HTTP history shows that no modification was made. (by the way I was unable to send this post until I changed my browser language settings)

Jackpot | Last updated: Sep 07, 2023 12:25PM UTC

(F12 says "unable to verify invisible recaptcha", the CN version of recaptcha js does not seem to work correctly)

Michelle, PortSwigger Agent | Last updated: Sep 07, 2023 01:23PM UTC

Hi At what stage are you making the changes? Are you intercepting the request and then forwarding it? Can you see the Chinese characters as you make the edits? If you view the request in the Logger tab, do you see any differences? Could you send some screenshots of what you see in both Logger and Proxy History to support@portswigger.net, please? Also, can you please confirm which version of Burp you are using?

Jackpot | Last updated: Sep 08, 2023 08:45AM UTC

Just as title suggested, "Match and Replace" (literal, not regex) has problem. I tried Intercept feature as well, in this case manual text replacement works. I'm using the latest burpsuite_community_v2023.9.4.jar

Michelle, PortSwigger Agent | Last updated: Sep 08, 2023 10:23AM UTC

Hi Do the characters display as you expect when you're setting up the match and replace? Does the issue occur with all Chinese characters or just specific ones? Can you send some screenshots to support@portswigger.net, as this might help us to replicate the issue?

Jackpot | Last updated: Sep 08, 2023 11:43AM UTC

>Do the characters display as you expect when you're setting up the match and replace? Yes, but I changed font to achieve this, otherwise those characters are "tofu"s, so that I would have to copy them out to somewhere like notepad.exe to see what they are. >screenshot I have to change font to make CJK characters display correctly, but this is relatively a minor issue. I'm decribing a functional problem, that the response body is expected to be modified, however it is not modified as expected. Font or text rendering is a problem as well, however it's not only a different topic, but also relatively not very important. >help us to replicate the issue Like, the server is replying a JSON like {"chara":"まどか"} and then I copy & paste'ed this into the input box of (literal, regex checkbox is not checked) "Match and Replace" feature, and then expected the JSON to be modified into something like {"chara":"圆"} However I see the item showed in HTTP history is still not modified at all.

Jackpot | Last updated: Sep 08, 2023 11:47AM UTC

By "no modification was made" I mean, it's NOT "seemed" to be "the same". Not the case. If I want to Match and Replace something which does not include CJK charaters, this automatic text replacement function works fine, so that I can see a "Original"/"Auto-Modified" tab switcher when the item in HTTP history is selected. By "no modification was made" I mean, there's no record of "Auto-Modified" at all.

Jackpot | Last updated: Sep 08, 2023 11:54AM UTC

Oh sorry, sorry. The "tofu" unrendered text character issue does not happen to the input boxes of Match and Replace. It happens to HTTP Request or Response content showing area in the "HTTP history" tab.

Jackpot | Last updated: Sep 08, 2023 11:55AM UTC

By the way the server is using UTF-8 text encoding.

Jackpot | Last updated: Sep 08, 2023 11:55AM UTC

By the way the server is using UTF-8 text encoding.

Jackpot | Last updated: Sep 08, 2023 12:01PM UTC

Let's take this page as a live example, although it is just HTML, not JSON: https://magireco.com/news/?id=63688 The auto-modification works when I want it to replace "Magia Day 2023" into "Magia Day Modified 2023". It does not work when I want it to replace "キャラクター・シナリオ" into "角色・剧情".

Michelle, PortSwigger Agent | Last updated: Sep 08, 2023 01:36PM UTC

Hi Thanks for the updates and the examples. We've been able to replicate this and link it to an issue with some other characters reported by another user. We've added your examples to the bug report.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.