Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

why my base response in scanner is incorrect

Akash | Last updated: Oct 16, 2018 10:54AM UTC

I have a POST request POST /request/<ID> which gives successful response(200 OK) for a unique id value. But if the same id value is used again, then we get 4XX series of response with an error stating ID already exists. How do I scan such a request? I send this request to repeater, change the ID value and click Go. I get a successful response in Repeater. But if open the request in repeater, change the ID to a new value and send it to Scanner directly, I don't see a successful base response at all in the Scanner. It shows the response with error ,<id> already exists although I am using a new unique id value. why does this happen? It continues to scan also, but the issues found will also have the response showing the same error, id already exists. So my question is , >Is the scan even valid here as it is not getting a successful response for any of the issues identified? >where is it running this request the very first time( because i am seeing already exists error)? >Is there a way to give a random unique value to the ID parameter automatically for teh scanner to use during the scan?

PortSwigger Agent | Last updated: Oct 16, 2018 12:43PM UTC

You can use the Token Incremenetor extension to generate a unique ID for each request: - https://portswigger.net/bappstore/ae166662024149f981bb6920cf3c8960

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.