Closed ltfafei closed 1 year ago
Same issue here: Turbo Intruder window never opens (for probing)
This happens for "HTTP Request Smuggler -> Smuggle Probe" and all other probes in this menu. However, it does open Turbo Intruder for manipulated request (e.g. POST, chunked transport encoding) such that "HTTP Request Smuggler -> Smuggle Attack (CE.TL)" (and "Smuggle Attack (CE.TL)") appear in menu.
Both extensions installed via BApp Store after a fresh installation of BurpSuite.
Update: "Smuggle Probe" shows results in Logger The Logger shows alls requests & responses as if launched by Turbo Intruder. It can support drawing conclusions but this is not the intended behaviour, right?
Update: test with "Launch all scans" shows plugin output/error Tested with the HTTP request smuggling, obfuscating the TE header lab:
The output / error logs attached of "HTTP Request Smuggler" are attached (copied after ~10 min after launching the scans):
Probes and scans are not expected to launch a turbo intruder window, as they're fully automatic. Connection errors are also expected, due to the payloads sent by the scans. If a scan detects any vulnerabilities, they will be reported as scanner issues (if you're using pro) or printed in the extension output (if you're on community)
Awesome, thanks a lot for the clarifications
Hello,
Click Http Request Smuggler Unable to load to Turb Inturder. Burpsuite 2022.2.2