Burp Repeater help

Contents

Using Burp Repeater
Options
Extensibility


Using Burp Repeater

Burp Repeater is a tool for manually modifying and reissuing individual HTTP requests, and analysing their responses. It is best used in conjunction with the other Burp Suite tools. For example, you can send a request to Repeater from the Burp Proxy browsing history, from the results of a Burp Intruder attack, or from the Burp Spider results tree, and manually adjust the request to fine-tune an attack or probe for vulnerabilities.

The top half of the Burp Repeater panel allows you to configure the target host and port, and the details of your request. You can complete this information manually; however, when you send a request from another Burp Suite tool the relevant details are all completed for you.

When you have configured a request, click the "go" button to send it to the server. The response is displayed in the bottom half of the display. For both requests and responses, various views of the message are available:

  • raw - This displays the message in plain text form. At the bottom of the text pane is a regex-based search and highlight function which can be used to quickly locate interesting strings within the message, such as error messages.
  • params - For requests containing parameters (within the URL query string, the Cookie header, or the message body), this tab analyses the parameters into name/value pairs and allows these to be easily viewed and modified.
  • headers - This shows the HTTP headers of the message as name/value pairs, and also displays any message body in raw form.
  • hex - This allows direct editing of the raw binary data that makes up the message. Certain types of traffic (e.g. browser requests with MIME-encoded parts) contain binary content that may be corrupted if modified in the text editor. To modify this type of message, the hex editor should be used.
  • render - For responses containing HTML or image content, this renders the content in visual form, as it would appear within your browser.
  • viewstate - For requests containing an ASP.NET ViewState parameter, this deserialises the contents of the ViewState, enabling you to review the data contained for any sensitive items. It also indicates whether the ViewState MAC option is enabled (and therefore whether the ViewState can be modified).

Right-clicking on any of the display tabs produces a context menu that can be used to perform various actions.

You can use the "<" and ">" buttons to browse back and forwards through the requests you have made with Repeater, and modify and reissue any individual request, as necessary.

Options

The "repeater" menu controls aspects of Burp Repeater's behaviour.

If the "update Content-Length header" box is checked, then Burp Repeater will update the Content-Length header of each request (or add the header if necessary), with the correct value for the length of the HTTP body of that particular request. This feature is useful where the HTTP body has been manually modified, and so may have changed length. The HTTP specification, and most web servers, require the correct value for the length of the HTTP body to be specified using the Content-Length header. If the correct value is not specified, then the target server may return an error, may respond to an incomplete request, or may wait indefinitely for further data to be received in the request.
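As an added illustration of two pieces of behaviour described above (the "params" view's breakdown of a request into name/value pairs, and the "update Content-Length header" option), the following Python script works over a constructed raw HTTP request. It is example code written for this page, not Burp Repeater's own implementation: the function names and the sample request are assumptions, and the "params" logic only covers the three locations the help text names (URL query string, Cookie header, form-encoded body).

```python
from urllib.parse import urlsplit, parse_qsl


def split_request(raw: bytes):
    """Split a raw HTTP/1.x request into (request_line, headers, body).

    headers is a list of (name, value) pairs in their original order.
    """
    head, _sep, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("iso-8859-1").split("\r\n")
    request_line, header_lines = lines[0], lines[1:]
    headers = []
    for line in header_lines:
        if not line:
            continue
        name, _, value = line.partition(":")
        headers.append((name.strip(), value.strip()))
    return request_line, headers, body


def header_value(headers, name):
    """Case-insensitive lookup of the first header with the given name."""
    for n, v in headers:
        if n.lower() == name.lower():
            return v
    return None


def extract_params(raw: bytes):
    """Mimic the "params" view: (location, name, value) triples taken from the
    URL query string, the Cookie header and a form-encoded body."""
    request_line, headers, body = split_request(raw)
    _method, target, _version = request_line.split(" ", 2)
    params = []
    for name, value in parse_qsl(urlsplit(target).query, keep_blank_values=True):
        params.append(("url", name, value))
    cookie = header_value(headers, "Cookie")
    if cookie:
        for part in cookie.split(";"):
            name, _, value = part.strip().partition("=")
            if name:
                params.append(("cookie", name, value))
    ctype = (header_value(headers, "Content-Type") or "").split(";")[0].strip().lower()
    if body and ctype == "application/x-www-form-urlencoded":
        for name, value in parse_qsl(body.decode("iso-8859-1"), keep_blank_values=True):
            params.append(("body", name, value))
    return params


def update_content_length(raw: bytes) -> bytes:
    """Mimic the "update Content-Length header" option: set the header to the
    actual body length, adding it when the request has a body but no header."""
    request_line, headers, body = split_request(raw)
    length = str(len(body))
    new_headers = []
    found = False
    for name, value in headers:
        if name.lower() == "content-length":
            new_headers.append((name, length))
            found = True
        else:
            new_headers.append((name, value))
    if not found and body:
        new_headers.append(("Content-Length", length))
    head = "\r\n".join([request_line] + [f"{n}: {v}" for n, v in new_headers])
    return head.encode("iso-8859-1") + b"\r\n\r\n" + body


# Constructed sample request: the body was edited by hand, so the stale
# Content-Length (5) no longer matches the 22-byte body.
SAMPLE_REQUEST = (
    b"POST /login?next=%2Fhome HTTP/1.1\r\n"
    b"Host: example.test\r\n"
    b"Cookie: session=abc; theme=dark\r\n"
    b"Content-Type: application/x-www-form-urlencoded\r\n"
    b"Content-Length: 5\r\n"
    b"\r\n"
    b"user=alice&pass=s3cret"
)

if __name__ == "__main__":
    for location, name, value in extract_params(SAMPLE_REQUEST):
        print(f"{location:6} {name} = {value}")
    print(update_content_length(SAMPLE_REQUEST).decode("iso-8859-1"))
```

A stale length such as the one in the sample is exactly the situation the option guards against: a server honouring the header would read only the first five body bytes and process a truncated login, or wait for data that never arrives.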

If the "unpack gzip" box is checked, then Burp Repeater will decompress gzip-compressed content before displaying it.

The redirect settings control whether Burp Repeater will follow HTTP redirects (i.e. those with a 3xx status code and a Location header containing a new URL). If the option is selected, then when a redirect is received Repeater will request the redirection URL (following up to 10 redirections if necessary) and display the results of this request in the response panel. The status message will indicate if a redirection was followed. Note that off-site redirects are not followed, to prevent you inadvertently attacking third-party applications.

The option to follow redirects is often useful when an application returns a 3xx response to various kinds of input, with the more interesting features of the application's processing of your request being returned when the redirection target is requested. For example, when probing for common vulnerabilities, the application may frequently return a redirect to an error page - this page may contain useful information about the nature of the error which can be used to diagnose bugs like SQL injection.

If the "process cookies in redirects" option is selected, then any cookies set in the 3xx response will be resubmitted when the redirection target is followed.
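The redirect rules described in the three paragraphs above (3xx with a Location header, at most 10 redirections, off-site targets never followed, cookies from the 3xx response resubmitted only when "process cookies in redirects" is on) can be worked through in code. The following Python is an added example written for this page and is not Burp Repeater's own code; the fake site, its URLs and the `follow_redirects` function are constructed for illustration, and "off-site" is taken to mean a different host (scheme://host:port part of the URL), which is an assumption.

```python
from urllib.parse import urljoin, urlsplit

MAX_REDIRECTS = 10  # the limit stated in the help text

# Constructed stand-in for a target site: url -> (status, headers, body).
# Headers are (name, value) pairs so repeated Set-Cookie headers survive.
FAKE_SITE = {
    "http://app.test/login": (
        302,
        [("Location", "/error?code=db"), ("Set-Cookie", "attempt=1; Path=/")],
        b"",
    ),
    "http://app.test/error?code=db": (
        200, [("Content-Type", "text/html")], b"<p>Database error</p>",
    ),
    "http://app.test/out": (302, [("Location", "http://other.test/")], b""),
    "http://app.test/loop": (302, [("Location", "/loop")], b""),
}


def fake_send(url, cookies):
    """Pretend to issue a request; `cookies` is what would go in the Cookie header."""
    return FAKE_SITE.get(url, (404, [], b"not found"))


def header_values(headers, name):
    """All values of a header, matched case-insensitively."""
    return [v for n, v in headers if n.lower() == name.lower()]


def follow_redirects(send, url, process_cookies=True, max_redirects=MAX_REDIRECTS):
    """Issue `url` through `send(url, cookies)` and apply the help text's rules.

    Returns the final status/body, every hop as (url, status), the cookie jar
    used on the last request, and a status note like the one Repeater shows.
    """
    cookies = {}
    hops = []
    note = ""
    status, headers, body = send(url, dict(cookies))
    hops.append((url, status))
    while 300 <= status < 400:
        locations = header_values(headers, "Location")
        if not locations:
            note = "3xx without Location header, nothing to follow"
            break
        target = urljoin(url, locations[0])  # Location may be relative
        if urlsplit(target).netloc.lower() != urlsplit(url).netloc.lower():
            note = "off-site redirect not followed"
            break
        if len(hops) - 1 >= max_redirects:
            note = "redirect limit reached"
            break
        if process_cookies:
            # Cookies set by the 3xx response are carried to the redirect target.
            for raw in header_values(headers, "Set-Cookie"):
                name, _, value = raw.split(";", 1)[0].strip().partition("=")
                if name:
                    cookies[name] = value
        url = target
        status, headers, body = send(url, dict(cookies))
        hops.append((url, status))
    if not note and len(hops) > 1:
        note = f"followed {len(hops) - 1} redirection(s)"
    return {"status": status, "body": body, "hops": hops,
            "cookies": dict(cookies), "note": note}


if __name__ == "__main__":
    for start in ("http://app.test/login", "http://app.test/out", "http://app.test/loop"):
        result = follow_redirects(fake_send, start)
        print(start, "->", result["status"], result["note"], result["hops"][-1][0])
```

The `/login` case is the situation the text describes as useful: the interesting content (an error page) only appears once the redirect target is requested. The `/out` and `/loop` cases show the two safeguards, the off-site stop and the hop limit.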

The "action" sub-menu contains the same context-menu items as are available by right-clicking the request or response panels.

Extensibility

Burp Repeater is extensible via the IBurpExtender interface. This allows third-party developers to extend the functionality of Burp Suite by creating implementations of the interface, which are dynamically loaded and executed. The registerHttpRequestMethod() method of this interface passes implementations a method within Burp Repeater that the implementation may invoke to issue arbitrary HTTP/S requests and receive responses. See the source code of the interface for more details.


Copyright (c) 2007 PortSwigger. All rights reserved.