Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Scaning non standard requests

Crash | Last updated: Apr 29, 2016 08:51AM UTC

Hi guys! I have the following situation: I have some non standard post requests in some applications like: Using method POST i have several paramenters separeted by | and some cases by - arg1|arg2|arg3|argX| arg1-arg2-arg3-argX- In this case burp(scan) recorganize that arg1|arg2|arg3|argX| is only one parameter to be tested. I solved it using auto modification and 2 burp instances, 1 of this instances as upstream proxy for the another instance. I worked fine. Also, using intruder it worked, but is impossible to do it for all requests manually. So, i would like to know if someone has a better solution than mine or if there is an extesion that allow me chose the separator char and send it direct to active scan. Basic example: POST /lala/a/ HTTP/1.1 Host: lala.com User-Agent: Mozilla/5.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US;q=0.5,en;q=0.3 Accept-Encoding: gzip, deflate, br Content-Type: text/x-gwt-rpc; charset=utf-8 Referer: https://lalalala/ Content-Length: 201 Cookie: JSESSIONID=12310294389032840324 Connection: close A|0|4|TEST|DSALKFDKDK43259DSAFRW|ssys.sys.sys|12345678|1|2|3|4|5|

PortSwigger Agent | Last updated: Apr 29, 2016 08:56AM UTC

You can use the Intruder UI to manually set your desired insertion points within the custom data structure, and then choose "Actively scan defined insertion points" from the Intruder menu. This will kick off an active scan just against the insertion points you have selected. Otherwise, to increase the automation, for a given application you could create a quick extension that knows about the data format and automatically sends items for active scanning with custom insertion points that have been determined programmatically.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.