The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum


Modify Burp Plugin settings in Burp Enterprise

Christopher | Last updated: Aug 27, 2020 01:12PM UTC

The problem I'm having is that the SQL Injection detection methodology tries to send 2 different requests to the same endpoint with a slightly modified GET parameter, assuming that the responses from both requests should have the same Content-Length. This is not a bad approach, but I think allowing for slight variation in Content-Length is of greater value. In my case my Content-Length changed by only 1 byte and that triggered the Critical Severity SQL Injection vulnerability. I'd like to adjust that threshold, to make this detection method less sensitive to noise. In Burp Pro this is configurable; how should I adjust this in Burp Enterprise?
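
An added illustration, not Burp Suite's scan logic and not PortSwigger's code, of the two-request Content-Length comparison described in the post above, written in Python so the false positive is reproducible offline. The two endpoints, the sample rows and the "Rendered in N ms" field are constructed for this example; the `1 AND 1=1` / `1 AND 1=2` pair is the standard boolean-based test. The `tolerance` parameter is the knob the post asks to expose, and `calibrated_check` is this example's own way of deriving it from the target's observed jitter, not a description of how Burp's scanner sets it.

```python
# Added example (not Burp Suite / PortSwigger code): a boolean-based
# ("differential") SQL injection check with an explicit Content-Length
# tolerance, run against two constructed endpoints.
import itertools
import sqlite3
from typing import Callable

Endpoint = Callable[[str], bytes]  # maps the GET parameter value to the response body

TRUE_PAYLOAD = "1 AND 1=1"   # classic boolean pair: keeps the benign row set...
FALSE_PAYLOAD = "1 AND 1=2"  # ...versus an always-false predicate that drops every row


def _make_db() -> sqlite3.Connection:
    """Constructed sample data; stands in for the target's database."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE items (id INTEGER, name TEXT)")
    db.executemany("INSERT INTO items VALUES (?, ?)",
                   [(1, "widget"), (2, "gadget"), (3, "gizmo")])
    return db


_DB = _make_db()


def _render(rows: list) -> str:
    return "<ul>" + "".join(f"<li>{name}</li>" for (name,) in rows) + "</ul>"


def vulnerable_endpoint(item_id: str) -> bytes:
    """Constructed injectable endpoint: the parameter is concatenated into SQL,
    so 'AND 1=2' really removes rows and the body shrinks by many bytes."""
    rows = _DB.execute(f"SELECT name FROM items WHERE id = {item_id}").fetchall()
    return _render(rows).encode()


class NoisySafeEndpoint:
    """Constructed safe endpoint: parameterised query (the payload is an opaque
    string that matches nothing), but the page also prints a render time whose
    digit count changes between requests, so Content-Length drifts by one byte
    for reasons that have nothing to do with injection."""

    def __init__(self) -> None:
        self._render_ms = itertools.cycle((7, 12, 9, 11, 8))  # 1 or 2 digits

    def __call__(self, item_id: str) -> bytes:
        rows = _DB.execute("SELECT name FROM items WHERE id = ?", (item_id,)).fetchall()
        body = _render(rows) + f"<p>Rendered in {next(self._render_ms)} ms</p>"
        return body.encode()


def naive_check(endpoint: Endpoint, tolerance: int = 0) -> dict:
    """Two requests, compare Content-Length, flag when the difference exceeds
    `tolerance` bytes. tolerance=0 is the strict comparison from the post."""
    delta = abs(len(endpoint(TRUE_PAYLOAD)) - len(endpoint(FALSE_PAYLOAD)))
    return {"flagged": delta > tolerance, "delta": delta, "tolerance": tolerance}


def calibrated_check(endpoint: Endpoint, benign: str = "1", samples: int = 3) -> dict:
    """Measure the endpoint's own Content-Length jitter on repeated benign
    requests first, then use that jitter as the tolerance for the real pair."""
    lengths = [len(endpoint(benign)) for _ in range(samples)]
    jitter = max(lengths) - min(lengths)
    return naive_check(endpoint, tolerance=jitter)


def run_demo() -> dict:
    """Run both checks against both endpoints; a fresh NoisySafeEndpoint each
    time so the render-time sequence starts from the same point."""
    return {
        "safe_naive": naive_check(NoisySafeEndpoint()),            # false positive
        "safe_calibrated": calibrated_check(NoisySafeEndpoint()),  # not flagged
        "vuln_naive": naive_check(vulnerable_endpoint),            # true positive
        "vuln_calibrated": calibrated_check(vulnerable_endpoint),  # still flagged
    }


if __name__ == "__main__":
    for name, result in run_demo().items():
        print(f"{name:16} {result}")
```

Running `run_demo()` shows the strict check (tolerance 0) flagging the safe endpoint on a one-byte difference, while both checks flag the injectable endpoint, whose body shrinks by 15 bytes. A fixed tolerance of a few bytes, `naive_check(NoisySafeEndpoint(), tolerance=8)`, also clears the safe endpoint, but a jitter-derived tolerance scales with the target instead of being guessed. Either way, a length-only comparison is a weak oracle; diffing the bodies after stripping volatile fields (counters, timestamps, CSRF tokens) is the more robust version of the same check.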

Hannah, PortSwigger Agent | Last updated: Aug 27, 2020 03:45PM UTC

Hi. Thank you for your query. Could you describe how you go about modifying this threshold in Burp Suite Professional?

Christopher | Last updated: Aug 31, 2020 06:28PM UTC

This YouTube clip walks through it: https://www.youtube.com/watch?time_continue=86&v=Wa_8HgwTjdM&feature=emb_title

Hannah, PortSwigger Agent | Last updated: Sep 01, 2020 08:59AM UTC

Hi. The video you've linked is for the Burp Bounty, Scan Check Builder extension that is available in Burp Suite Professional. As Burp Suite Enterprise does not implement extensions, you are unable to do this. We do have plans to implement extensions in Burp Suite Enterprise, so this may be functionality that is available in the next 12 months. You can check out our product roadmap here: https://portswigger.net/blog/burp-suite-roadmap-update-july-2020

Christopher | Last updated: Sep 01, 2020 05:57PM UTC

Hannah, thanks for the feedback. I want to make sure we're on track with the original issue. The issue is that the scan is producing a false positive. The false positive is because of a built-in plugin that has a pretty poor default configuration. How do I go about fixing this plugin? I don't think a custom extension should be the only option.

Hannah, PortSwigger Agent | Last updated: Sep 02, 2020 10:37AM UTC