Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Provide option to stop hostname resolution check #54

Open
ahanel13 opened this issue Oct 20, 2022 · 1 comment
Open

Provide option to stop hostname resolution check #54

ahanel13 opened this issue Oct 20, 2022 · 1 comment

Comments

@ahanel13
Copy link

I'm running into an issue where the HTTP request smuggler extension will fail to run because it cannot resolve the hostname.

The host I'm testing can only be accessed through a proxy so I'm not 100% sure how the DNS resolves requests. Every request in the burp proxy history shows "unknown host", but everything works fine. I can usually bypass this issue resolution error with extensions like turbo intruder, but this one simply fails and quits.

Providing some options to stop this check would be great! Maybe I'm missing something in the settings as well, any help is appreciated!

@albinowax
Copy link
Collaborator

It doesn't do an explicit hostname check, it just uses the Burp API to send requests to the target. I'd suggest contacting PortSwigger support and seeing if they can help. Also, beware that request smuggling attacks don't typically play nicely with upstream HTTP proxies - you might end up exploiting the proxy itself

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Development

No branches or pull requests

2 participants