We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
对于在响应体中的二进制数据,没法像burp那样可以保存原始数据,保存下来的和真实原始数据不一样,建议像burp一样增加以16进制查看或者保存原始未经编码数据的功能
The text was updated successfully, but these errors were encountered:
师傅有具体一点的案例吗,我们测试过一些二进制文件,使用下载body功能是没有问题的
Sorry, something went wrong.
这个跟响应头有关,如果响应头content-type是application/octet-stream之类的就不会,但如果是text/html之类的就会,我是在测试传输java序列化数据的时候发现的,请求和响应都是java对象的序列化流,但是响应头content-type是text/html,有些服务器虽然响应头的content-type是text类型,但实际上是二进制数据,这种情况就会出现这个问题
大概清楚问题了,这是因为服务端错误地返回了一个Content-Type,而引擎会因此尝试识别并修复响应体的字符集,这个问题主要存在于响应体存在非UTF-8字符的情况下。
临时解决办法是开启WebFuzzer - Fuzzer 配置- 请求包配置 - 不修复长度这个功能:
No branches or pull requests
对于在响应体中的二进制数据,没法像burp那样可以保存原始数据,保存下来的和真实原始数据不一样,建议像burp一样增加以16进制查看或者保存原始未经编码数据的功能
The text was updated successfully, but these errors were encountered: