
Apache Tomcat "Transfer-Encoding" Bug

Peter Quill Nov 28, 2014 10:54AM UTC

Hi,

When trying to exploit CVE-2010-2227 on a vulnerable Apache Tomcat server I've noticed that Burp (1.6.06) deletes the "Transfer-Encoding" HTTP header when used as a proxy.

Regards

Peter


Liam Tai-Hogan Nov 28, 2014 10:55AM UTC Support Center agent

Thanks for your message.

Burp does indeed remove the TE header but this is intended behavior. The TE header is generally used to specify chunked encoding, and because Burp operates as a store-and-forward proxy, it needs to remove chunked-encoding metadata from HTTP messages so that they are user readable and editable. Burp always changes messages so that they include a Content-Length header. This makes for much more reliable networking when Burp is mediating between the client and server, and making its own requests.

If you need to attack the HTTP layer itself, rather than the app that is running above it, we’d recommend using a lower-level tool to give you direct unmodified access to the wire data, such as netcat.

Hope that helps.
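The rewrite the reply describes, as an added example that is not part of this thread and not Burp's own code: a minimal store-and-forward normalization that strips the Transfer-Encoding header, dechunks the body, and emits a single Content-Length, so the upstream server only ever sees a length-delimited message. The sample request is constructed for the example.

```python
def dechunk(body: bytes) -> bytes:
    """Decode an HTTP/1.1 chunked body into its raw payload bytes."""
    out = bytearray()
    pos = 0
    while True:
        eol = body.index(b"\r\n", pos)
        # chunk-size is hex; anything after ';' is a chunk extension we ignore
        size = int(body[pos:eol].split(b";", 1)[0].strip(), 16)
        pos = eol + 2
        if size == 0:
            break  # last-chunk; optional trailers follow and are dropped here
        out += body[pos:pos + size]
        pos += size
        if body[pos:pos + 2] != b"\r\n":
            raise ValueError("malformed chunk terminator at offset %d" % pos)
        pos += 2
    return bytes(out)


def normalize_to_content_length(raw: bytes) -> bytes:
    """Rewrite a raw HTTP message so it carries no Transfer-Encoding header
    and exactly one Content-Length matching the (dechunked) body."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.split(b"\r\n")
    start_line, headers = lines[0], lines[1:]
    kept, chunked = [], False
    for h in headers:
        name, _, value = h.partition(b":")
        lname = name.strip().lower()
        if lname == b"transfer-encoding":
            chunked = chunked or b"chunked" in value.lower()
            continue  # never forwarded: the proxy owns framing from here on
        if lname == b"content-length":
            continue  # discarded; recomputed from the actual body below
        kept.append(h)
    if chunked:
        body = dechunk(body)
    kept.append(b"Content-Length: " + str(len(body)).encode())
    return b"\r\n".join([start_line] + kept) + b"\r\n\r\n" + body


# Constructed sample: a chunked POST as a client might send it through the proxy.
CHUNKED_REQUEST = (
    b"POST /app HTTP/1.1\r\n"
    b"Host: example.test\r\n"
    b"Transfer-Encoding: chunked\r\n"
    b"Content-Type: text/plain\r\n"
    b"\r\n"
    b"5\r\nhello\r\n"
    b"6;ext=1\r\n world\r\n"
    b"0\r\n\r\n"
)

if __name__ == "__main__":
    print(normalize_to_content_length(CHUNKED_REQUEST).decode())
```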

