Burp Suite User Forum

Pasting a text buffer with equal signs in a Repeater's body parameter's value creates unexpected parameters

Ilguiz | Last updated: Mar 31, 2020 03:07AM UTC

Adding a multiline buffer <a href=”javascript:alert(0)”>ClickMe</a> to a body parameter split the value by the equal sign and created two more parameters. In addition, I would not expect the edit mode to suddenly turn the existing value into its percent encoding. This looks insane considering how much pentesters pay attention to encoding and its context. Obviously, the percent encoding applies only in transit (plus in updating the content-length header).

Ilguiz | Last updated: Mar 31, 2020 03:08AM UTC

Err scratch "multiline".

Ilguiz | Last updated: Mar 31, 2020 03:12AM UTC

Err scratch "equal signs". It turns out that adding double quotes to the value breaks it into extra parameters. Ouch! If the unexpected percent encoding in the edit mode is ever going to be fixed, it would be nice to warn about pasting unexpected Unicode quotes copied from those pesky Word/PDF pentest reports.
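
An added example, not part of the original thread and not Burp Suite code: one way to check a text buffer for typographic quotes before pasting it into a request, and to compare how the curly and ASCII forms percent-encode in a form-urlencoded body. The function names and the quote table are assumptions for illustration; the sample buffer is the one from the first post as it appears on this page.

```python
import unicodedata
from urllib.parse import quote_plus

# Typographic quotes that word processors and PDF exports commonly
# substitute for ASCII " and ' (illustrative table, not exhaustive).
SMART_QUOTES = {
    "\u201c": '"', "\u201d": '"', "\u201e": '"', "\u201f": '"',
    "\u00ab": '"', "\u00bb": '"',
    "\u2018": "'", "\u2019": "'", "\u201a": "'", "\u201b": "'",
}


def find_smart_quotes(text):
    """Return (line, column, char, Unicode name) for each typographic quote."""
    hits = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        for col, ch in enumerate(line, start=1):
            if ch in SMART_QUOTES:
                hits.append((line_no, col, ch, unicodedata.name(ch)))
    return hits


def normalize_quotes(text):
    """Replace typographic quotes with their ASCII equivalents."""
    return text.translate(str.maketrans(SMART_QUOTES))


def wire_form(value):
    """Percent-encode a value as it travels in an
    application/x-www-form-urlencoded body (UTF-8)."""
    return quote_plus(value, encoding="utf-8")


# Buffer from the first post, curly quotes included.
PASTED = "<a href=\u201djavascript:alert(0)\u201d>ClickMe</a>"

if __name__ == "__main__":
    for line_no, col, ch, name in find_smart_quotes(PASTED):
        print(f"line {line_no}, col {col}: U+{ord(ch):04X} {name}")
    print("as pasted :", wire_form(PASTED))
    print("normalized:", wire_form(normalize_quotes(PASTED)))
```

Each curly quote becomes three UTF-8 bytes on the wire (`%E2%80%9D`), whereas an ASCII double quote is `%22`, so the two buffers are different payloads even though they look alike in a report.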

Liam, PortSwigger Agent | Last updated: Mar 31, 2020 03:09PM UTC

Thanks for your message Ilguiz. I'll discuss this with the product team and get back to you.

Liam, PortSwigger Agent | Last updated: Apr 02, 2020 07:16AM UTC

We've added this issue to our development backlog. Unfortunately, we can't provide an ETA. We will notify you when this is fixed.