Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Setting proxy.MasterIntercept to 0

Amit | Last updated: Sep 16, 2015 06:22PM UTC

In order to do selective custom scanning area selection using active scanning using my extension, I am trying to set those values using the loadConfig() To do this, I first set the following values to 'false' scanner.testcommandinjection scanner.testcommandinjectionblind scanner.testcommandinjectioninformed scanner.testCsrf scanner.testheaderinjection scanner.testheadermanipulation scanner.testLDAPinjection scanner.testpathtraversal scanner.testredirection scanner.testReflectedXSS scanner.testremotefileinclusion scanner.testserverissues scanner.testserversidecodeinjection scanner.testserversidetemplateinjection scanner.testSQLinjection scanner.testSQLinjectionboolean scanner.testSQLinjectionerror scanner.testSQLinjectionmssql scanner.testSQLinjectionmysql scanner.testSQLinjectionoracle scanner.testSQLinjectiontime scanner.teststoredXSS scanner.testXMLSOAPinjection scanner.testexternalinteraction And then based on my selection, I set the specific values to true However, I am noticing that when I do that, the proxy.MasterIntercept which is set to 0 (since I turned off proxy intercept), gets set to 1 automatically (ie. proxy intercept gets enabled) I tried to set it forcefully, Map <String, String> newConfig = new HashMap<String, String>(); newConfig.put("proxy.MasterIntercept", "0"); callbacks.loadConfig(newConfig); But it's still not getting set to '0' Any suggestions on how to ensure this doesn't happen? Is this a bug? Should a defect be filed for it?

PortSwigger Agent | Last updated: Sep 17, 2015 02:27PM UTC

There is a specific API to control proxy interception, which is the best way to control this: https://portswigger.net/burp/extender/api/burp/IBurpExtenderCallbacks.html#setProxyInterceptionEnabled(boolean)

Burp User | Last updated: Sep 23, 2015 08:02PM UTC

We do not want to control Proxy Interception. We are trying to load specific values as mentioned, scanner.testcommandinjection scanner.testcommandinjectionblind scanner.testcommandinjectioninformed scanner.testCsrf scanner.testheaderinjection scanner.testheadermanipulation scanner.testLDAPinjection scanner.testpathtraversal scanner.testredirection scanner.testReflectedXSS scanner.testremotefileinclusion scanner.testserverissues scanner.testserversidecodeinjection scanner.testserversidetemplateinjection scanner.testSQLinjection scanner.testSQLinjectionboolean scanner.testSQLinjectionerror scanner.testSQLinjectionmssql scanner.testSQLinjectionmysql scanner.testSQLinjectionoracle scanner.testSQLinjectiontime scanner.teststoredXSS scanner.testXMLSOAPinjection scanner.testexternalinteraction However, when we explicitly set these values using loadConfig() we are noticing that the value for proxy.MasterIntercept is being being set to 1. Not sure why we are seeing that. Is that a bug with the method?

Burp User | Last updated: Sep 23, 2015 09:16PM UTC

One more note, when i perform the loadConfig() operation, even my proxy port settings (I set it to listen on 8081) gets reset to 8080. Can you please look into, why are all proxy settings reverting back to default instead of current when loadconfig() is being performed?

PortSwigger Agent | Last updated: Sep 24, 2015 08:25AM UTC