Burp Suite User Forum

Create new post

Options to match & replace from existing message (like regex backreferences)

Prakash | Last updated: Dec 16, 2016 10:33AM UTC

Hi, I'd like to request a feature in Proxy's Options- Match & Replaces where I can find a match, and replace it with existing messages. For clarity, suppose I want to append Origin header in each requests, but I want its value be Host header. So, Origin header & Host header both have same value. Also, I'd like to request an option in Intruder- Where we can configure Intruder to stop automatically when it finds a certain match. For clarity, say I'm bruteforcing a login form. I want it stopped immediately when a correct password is found. So, for example, I can set "Log out" as a match string, and when it finds the match, it stops automatically. Thanks & regards, Prakash

PortSwigger Agent | Last updated: Dec 16, 2016 10:42AM UTC

Agreed, this would be a nice potential feature. It isn't currently easy to deliver within the framework of the existing match/replace rules feature. Next time we do any substantial work on that feature, we'll look into possible ways of delivering it. In the meantime, you can probably do what you want with a fairly simple extension.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.