How Do I?

Make a new post

  • How addToSiteMap decides if there is any existing matching item in the site map?

    I'm working on a burp extension to create a site map from burp logs saved in an XML file. The burp log may contain redundant logs in it. Hence, when adding IHttpRequestResponse to site map using "IBurpExtenderCallbacks.addToSiteMap" the redundant logs are removed. I want to have a list of all the redundant logs which are not included in the site map. Since "addToSiteMap&...

    1 Agent Answer    1 Community Answer
    Aug 21, 2019 04:02AM UTC
  • Intercept SSL traffic for Android Nougat 7 and above version.

    Hi, do I need to decompile, add the security config xml file in application folder and recomiple every time while doing security testing in Android Nougat 7 and above versions ? As I am facing difficulty in testing android apps, needed more clarification on this. Thank you

    1 Agent Answer    0 Community Answer
    Aug 20, 2019 07:07AM UTC
  • Proxy intercept not working with firefox

    Im using firefox to run test my website on localhost.I configured the proxy settings so that burp suite can intercept it.But with all the correct settings,the traffic is still not intercepted.Yesterday it was working fine,i went to sleep woke up and its not working anymore. Configurations I used : https://imgur.com/a/wdhcfv7

    1 Community Answer
    Aug 19, 2019 07:00PM UTC
  • headless xml report with

    Hi Guys, Looking for quick help how can we get an XML report with base64 as false <request method="GET" base64="false">. I mean I need request and response in plain text rather than base64 encoded. I ran burp in headless mode. java -jar -Xmx1g -Djava.awt.headless=true "C:\Program Files\BurpSuitePro\burpsuite_pro.jar" --config-file=burpprojectoptions1.json -...

    1 Agent Answer    1 Community Answer
    Aug 19, 2019 08:56AM UTC
  • Lab: HTTP request smuggling, basic CL.TE vulnerability (Help for a noob)

    Hello, I'm new in this world and I already have an issue on the first lab (F****ng Hell) but i'm not down yet ! Even reading the solution I have issue on finding the "Unrecognized method GPOST" when using the Burp Repeater... Can someone help me ?

    1 Community Answer
    Aug 18, 2019 04:37PM UTC
  • how do i convert multipart gzip to original file

    during my research i'm intercepting some packages like this: Content-Type: multipart/form-data; boundary=cLXA2xHy63hD9QS92t_yJwlwnL8vVb Accept-Encoding: gzip, deflate X-FB-HTTP-Engine: Liger Connection: keep-alive Content-Length: 1922 --cLXA2xHy63hD9QS92t_yJwlwnL8vVb Content-Disposition: form-data; name="access_token" 567067343352427|f249176f09e26ce54212b472dbab8fa8 -...

    1 Agent Answer    0 Community Answer
    Aug 18, 2019 02:53AM UTC
  • How to configure Burp Suite for traffic to/from Docker container?

    As titled really. I have it setup correctly to monitor all browser traffic, however when I'm hitting a local container web app at localhost, it isn't intercepting. Can you offer any guidance?

    1 Agent Answer    0 Community Answer
    Aug 17, 2019 08:43PM UTC
  • JRE Warning

    Hello When I start up Burp Suite, I get the error message, "Your JRE appears to be version 12.0.1 from Oracle Corporation. Burp has not been fully tested on this platform and you may experience problems." Should I be worried?

    2 Agent Answers    1 Community Answer
    Aug 17, 2019 12:53PM UTC
  • encode xml payload ...

    hello support and folk ... im trying to send an exploit to server vlun to : Apache Struts2 Remote Command Execution (S2-052) the payload is : <map> <entry> <jdk.nashorn.internal.objects.NativeString> <flags>0</flags> <value class="com.sun.xml.internal.bind.v2.runtime.unmarshaller.Base64Data"> <dataHandler> ...

    1 Agent Answer    0 Community Answer
    Aug 16, 2019 01:25PM UTC
  • Burp Enterprise Edition

    After installing the BURP Enterprise edition and trying to open the administrative portal I am getting Login failed error. I am using the same username/email and password which I specified during installation

    1 Agent Answer    0 Community Answer
    Aug 15, 2019 10:29PM UTC