Name is required.
Email address is required.
Invalid email address
Answer is required.
Exceeding max length of 5KB

Match / Replace (Intruder Processing Rule) defect

Pascal Schulz Nov 12, 2019 11:49AM UTC

Hi Burp-Team,

I have noticed a bug in the Match / Replace Intruder processing rule.

I wanted to replace the character " with \". I have tried multiple variants to achieve that but always ended up with a different result than the one I wanted to have. As far as I understand, the "replace" part should take the input as given, correct?

However, filling in \" results in the " character only.

Best regards,

Michelle Gillian Nov 12, 2019 02:54PM UTC Support Center agent

During your testing, have you tried \\" for the “replace” part of the Intruder processing rule? The payload processing rule would then read like this:
Match [“] replace with [\\”]
Using a regex checker (there are various ones online, e.g. this looks like it will give you the result you’re wanting, if not, please let us know.

Pascal Schulz Nov 14, 2019 02:00PM UTC
Yeah I have tried that, was not working.

Liam Tai-Hogan Nov 14, 2019 03:43PM UTC Support Center agent

The regex described above is working in our testing.

Could you email a screenshot of your settings to Thanks.

Post Your public answer

Your name
Your email address