Closed Aregaard closed 4 years ago
Ran into the same issue. As far as I know, you can not see the attacks (unless maybe via another extension, such as Logger++).
If a probe is successful, the result will be displayed in the Issues Activity
section of the Dashboard
tab, as well as Issues
section of the Target
tab in Burp Pro (it seems like the Burp community version does not have such output though):
To see if all checks are finished, go to the Extender > Extensions > (Select HTTP Request Snuggler) > Output > Show in UI:
Queued 1 attacks
TImeout with response. Start time: 1592916088100 Current time: 1592916208153 Difference: 120053 Tolerance: 10000
Unexpected report with response
Completed 1 of 1
If the checks are finished and there is no output in the issue activity (Burp Pro), then nothing was detected by the probe
This might be a big newbie question...but: System: OSX Catalina and Burp Suite Community. -I click on the Target-tab and right-click on a www.*****.com-address which was spidered Passive. -RIght-click on the GET-request and "Launch Smuggle Probe"
I know how the HTTP Smuggling works in practice. I have been doing it manually, but when I saw this add-on I would like to try it.