Help Me With A Post Request (.001 BTC Major Award)

  1. #1
    Admin African Astronaut
    I'm trying to submit a POST request using Burp Suite but I get a status 500 every time. Without Burp Suite, the request goes through fine and some parameters on the web application change as desired. With Burp Suite, there is no change in the parameters with the application and I get a generic error page from the application.

    When I have Burp intercepting, on the Intercept List there appears to be no response for the initial Post request. Not even a redirect. It just shows on the next sequence/line that an error page is requested. So I'm not sure what's going on but I assume a redirect.

    When I request the same Post request using Repeater in Burp, I get a status 200 but the parameters don't change within the application.

    I need to change the parameters programmatically in my source, so I need to know why I am getting the status 500 using Burp Suite.

    I can't reveal the application due to territorial instinct and probability of profit loss. But I will give out .001 in BTC to whoever helps me solve this issue.
  2. #2
    aldra JIDF Controlled Opposition
    are you able to see the app's log?
  3. #3
    Admin African Astronaut
    Originally posted by aldra are you able to see the app's log?

    No.
  4. #4
    aldra JIDF Controlled Opposition
    I would probably fire up wireshark and compare the regular request to the one generated by burp then
  5. #5
    Admin African Astronaut
    Originally posted by aldra I would probably fire up wireshark and compare the regular request to the one generated by burp then

    It works without Burp though. I just need to get it working with Burp.
  6. #6
    aldra JIDF Controlled Opposition
    that's what I mean, if the data you're sending is returning a 200 but the same data returns a 500 when sent from burp, something in the data is not the same. if you compare the actual packets you can work out what and ideally resolve it
  7. #7
    Shrooms Houston
    Change the parameter to adopt more specific/or general system set
  8. #8
    Admin African Astronaut
    Originally posted by aldra that's what I mean, if the data you're sending is returning a 200 but the same data returns a 500 when sent from burp, something in the data is not the same. if you compare the actual packets you can work out what and ideally resolve it

    I don't think I need to go that low.

    There's something else...
  9. #9
    aldra JIDF Controlled Opposition
    well, good luck then. either checking the server logs or comparing the raw data sent are the two quickest ways I can think of to try to resolve something like this. everything else is trial and error
  10. #10
    Admin African Astronaut
    I figured it all out.

    There was actually a setup on the server that I was unaware of (some application logic) that was fucking up my agenda. Now I'm king shit again.

    Good day all.
  11. #11
    Shrooms Houston
    I have a wallet you wanna send?
  12. #12
    Admin African Astronaut
    Originally posted by Shrooms I have a wallet you wanna send?

    No. I have multiple btc wallets. You wanna send?
  13. #13
    Erekshun Naturally Camouflaged
    I have a money clip.
  14. #14
    Sophie Pedophile Tech Support
    Does Burp auto-fill in values for the parameters?
  15. #15
    Admin African Astronaut
    Originally posted by Sophie Does Burp auto-fill in values for the parameters?

    When doing what?
  16. #16
    Sophie Pedophile Tech Support
    Originally posted by Admin When doing what?

    I usually use Zaproxy, and besides being an intercepting proxy Zaproxy is a spider and a fuzzer too. So I guess spidering/fuzzing.
  17. #17
    Admin African Astronaut
    Originally posted by Sophie I usually use Zaproxy, and besides being an intercepting proxy Zaproxy is a spider and a fuzzer too. So I guess spidering/fuzzing.

    Burp is as well. I have both but never really use Zap. I guess I'm just used to Burp.
  18. #18
    Sophie Pedophile Tech Support
    Originally posted by Admin Burp is as well. I have both but never really use Zap. I guess I'm just used to Burp.

    Other way around for me, lol.
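
Added example (not part of the thread): aldra's suggestion in #6 and #9 to compare the raw data of the working request with the one sent through Burp, done here as a field-by-field diff. It assumes both requests were saved as plaintext HTTP/1.1 with a form-encoded body; the host, path, cookie and parameter names are constructed samples.

```python
from urllib.parse import parse_qsl

def parse_request(raw: bytes):
    """Split a raw HTTP/1.1 request into (request line, headers, body)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("latin-1").split("\r\n")
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()  # header names are case-insensitive
    return lines[0], headers, body

def diff_requests(a: bytes, b: bytes):
    """Return a list of (field, value_in_a, value_in_b) for every difference."""
    line_a, hdr_a, body_a = parse_request(a)
    line_b, hdr_b, body_b = parse_request(b)
    out = []
    if line_a != line_b:
        out.append(("request-line", line_a, line_b))
    for name in sorted(set(hdr_a) | set(hdr_b)):
        if hdr_a.get(name) != hdr_b.get(name):
            out.append(("header:" + name, hdr_a.get(name), hdr_b.get(name)))
    # Compare form fields by name so parameter order does not matter.
    form_a = dict(parse_qsl(body_a.decode("latin-1"), keep_blank_values=True))
    form_b = dict(parse_qsl(body_b.decode("latin-1"), keep_blank_values=True))
    for name in sorted(set(form_a) | set(form_b)):
        if form_a.get(name) != form_b.get(name):
            out.append(("param:" + name, form_a.get(name), form_b.get(name)))
    # A Content-Length that no longer matches an edited body is flagged on its own.
    for label, hdr, body in (("a", hdr_a, body_a), ("b", hdr_b, body_b)):
        declared = hdr.get("content-length")
        if declared is not None and int(declared) != len(body):
            out.append(("content-length-mismatch:" + label, declared, str(len(body))))
    return out

# Constructed sample captures (not from the thread): direct vs. via the proxy.
DIRECT = (b"POST /settings HTTP/1.1\r\nHost: app.example\r\n"
          b"Cookie: session=abc123\r\nContent-Type: application/x-www-form-urlencoded\r\n"
          b"Content-Length: 24\r\n\r\nmode=fast&token=t0k3n-01")
PROXIED = (b"POST /settings HTTP/1.1\r\nHost: app.example\r\n"
           b"Content-Type: application/x-www-form-urlencoded\r\n"
           b"Content-Length: 24\r\n\r\ntoken=t0k3n-02&mode=fast")

if __name__ == "__main__":
    for field, direct, proxied in diff_requests(DIRECT, PROXIED):
        print(f"{field}: direct={direct!r} proxied={proxied!r}")
```

A missing cookie or a one-time token that differs between the two captures points at server-side state rather than at the proxy itself.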