After a recent BurpSuite upgrade, SAML Raider's attacks get applied but not forwarded.
I intercept the SAMLResponse request, and apply a SAML attack, but what gets forwarded is the original, unaltered request, not the SAMLRaider-altered version.
For example, I intercept a SAMLResponse request, and apply the SAML attack "Remove Signatures". I get the orange verification text "Message signature successful removed", and I can see that the signature has indeed been removed. I click on "Forward" to send the edited message on its way.
But what actually gets forwarded is the original request. I can verify this by looking in the HTTP history and seeing that there are only 2 options for the request: "Original request" and "Auto-modified request". They are both exactly the same: the original request without the SAML attack applied. There is no "Edited request" option like you'd normally see when the SAML attack was actually sent.
Using SAML Raider 2.0.0. This behavior seems to happen with all BS 2024.7.x releases and seems to work fine with BS 2024.6.6.
Have tried all the usual: rebooting, disable/enable and re-installing SAML Raider. It looks like BurpSuite made some changes to their proxy starting with 2024.7.3 and I wonder if those changes are not SAML Raider compatible?