search

simioni87 / auth_analyzer

Burp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.
MIT License
185 stars 48 forks source link

Could not set header to null(blank) #5

Closed claconsay closed 3 years ago

claconsay commented 3 years ago

Hi simioni87,

First of all, thank you for this awesome tool!

I've been using your tool for a while and I just got some problem setting the header's value to null (blank).

I have this header called X-token, I want this header to remain on the request but with a blank value.

I tried the following setup

X-token: �token[blank]�

token(Remove: true)
Value: null

But on the modified request, it is always converted to 

X-token: blank

I also tried setting it up as

X-token: //no parameter
X-token: �token[]� //no character in-between []
X-token: �token[ ]� //whitespace  in-between[]
X-token: �token[blank]�

token(Remove: false, Extraction: Static Value, Value: )
Value: //whitespace value

But it all ended up using the X-token from the original request.

Can you help me with this, please?

Best regards,

simioni87 commented 3 years ago

Hi claconsay

All of your tries should work (exepct the ones with the string 'blank'). This is actually a bug and will be fixed with the next release. Thanks for your message.

Best regards

simioni87 commented 3 years ago

Hi claconsay

I fixed the issue in the latest version.

Have fun and best regards

claconsay commented 3 years ago

Hi

I have it tested on the latest version and I confirm that this issue has been fixed. Thank you so much for looking into this simioni87! I'm now closing this issue.