Name is required.
Email address is required.
Invalid email address
Answer is required.
Exceeding max length of 5KB

callbacks.makeHttpRequest encode special characters to url encode

Antoni mortarella Mar 21, 2018 09:04AM UTC

Hi!

When I making the requests with special characters, for example <>, the request is encoded with "URL encode". How could I send the request without encoding anything?

My code is as follows:

for(String payload: payloads){
IHttpRequestResponse test = this.callbacks.makeHttpRequest(httpService,insertionPoint.buildRequest(helpers.stringToBytes(payload)));
}

The request:
name=aaaa&email=aa%40aaa.com&course=aaa&class=aaa&gender=female&subject%5B%5D=%3cscript%3ealert(%22XSS%22)%3cscript%3e&checked=1&submit=Submit



Thanks!


Liam Tai-Hogan Mar 22, 2018 12:06PM UTC Support Center agent

You could use custom insertion points. You can specify custom insertion point locations programmatically using Burp Extender:

- https://portswigger.net/burp/help/extender


Post Your public answer

Your name
Your email address
Answer