Name is required.
Email address is required.
Invalid email address
Answer is required.
Exceeding max length of 5KB

Match / Replace (Intruder Processing Rule) defect

Pascal Schulz Nov 12, 2019 11:49AM UTC

Hi Burp-Team,

I have noticed a bug in the Match / Replace Intruder processing rule.

I wanted to replace the character " with \". I have tried multiple variants to achieve that but always ended up with a different result than the one I wanted to have. As far as I understand, the "replace" part should take the input as given, correct?

However, filling in \" results in the " character only.

Best regards,
Pascal


Michelle Gillian Nov 12, 2019 02:54PM UTC Support Center agent

During your testing, have you tried \\" for the “replace” part of the Intruder processing rule? The payload processing rule would then read like this:
Match [“] replace with [\\”]
Using a regex checker (there are various ones online, e.g. https://regex101.com) this looks like it will give you the result you’re wanting, if not, please let us know.


Pascal Schulz Nov 14, 2019 02:00PM UTC
Yeah I have tried that, was not working.

Liam Tai-Hogan Nov 14, 2019 03:43PM UTC Support Center agent

The regex described above is working in our testing.

Could you email a screenshot of your settings to support@portswigger.net? Thanks.


Post Your public answer

Your name
Your email address
Answer