Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Extended grep-extract in Intruder to cover more occurrences

Andrej | Last updated: Sep 07, 2017 09:24AM UTC

I would like to ask for more web-scraping capabilities. Let's say I have an intruder to iterate through hundreds of payloads (e.g. page 1, 2, ...), and responses are always of the same format (XML, CSV, ...). I'm able to grep-extract only the 1st payload from the response, e.g. <email>(.*?)</email>; whereas I would like to have an option to extract all of them present => to have an "uncertain" number of columns in Result table for each HTTP response. And if we would take it further, there could be more extracts possible, e.g. to extract something inside of tags, e.g.: <person><name>Adam</name><email>adam@test.com</email><person> <person><name>Eve</name><email>eve@test.com</email><person> where I would like to see columns like Name1: Adam | Email1:adam@test.com | Name2: Eve | Email2:eve@test.com

Liam, PortSwigger Agent | Last updated: Sep 07, 2017 10:08AM UTC

You can use the "Duplicate" button to add the same matching item multiple times in succession. Each server response will be searched for multiple occurrences of that expression, and the text immediately following each occurrence will be captured. - https://portswigger.net/burp/help/intruder_options.html#grepextract We're aware that this isn't apparent in the "Define extract grep item" preview window. We've made a note in our development backlog to enhance this function.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.