Burp Suite User Forum

Create new post

Update the content of the Intruder attack window

t1n | Last updated: Jun 12, 2015 08:19AM UTC

I would like to intercept a request after an intruder attack is started. After the intercept, I want to modify the request and send them out. At the moment I'm trying it with a httpListener, but this does not update the attack window. Additionally I observed that Burp sends 2 requests, the first one is the original Intruder request an the second is the request I modified. How could I prevent Burp from doing this? I hope you could help me with my problem!

PortSwigger Agent | Last updated: Jun 15, 2015 02:25PM UTC

By design, changes made by extensions to outgoing requests aren't necessarily propagated back to the invoking tool, because this would break lots of features. For example, scan issues have highlights that identify attack payloads or other relevant features of requests. If an extension modifies a request in arbitrary ways, it isn't possible to reapply the highlights in the right places. Depending on what you're trying to achieve, you could possible use a second instance of Burp as upstream proxy from the first, and view the upstream Proxy history to see the changes made to requests by your extension. Regarding Intruder sending both the unmodified and modified requests, we're not aware of this issue and haven't been able to reproduce it. Note that Intruder does resend the original unmodified request template with no payloads, to provide a baseline request item in the attack results. Perhaps this explains the additional request that you observed.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.