This is an extension for Burp Suite designed to help you launch HTTP Request Smuggling attacks, originally created during HTTP Desync Attacks research. It supports scanning for Request Smuggling vulnerabilities, and also aids exploitation by handling cumbersome offset-tweaking for you.
This extension should not be confused with Burp Suite HTTP Smuggler, which uses similar techniques but is focused exclusively bypassing WAFs.
The easiest way to install this is in Burp Suite, via
Extender -> BApp Store.
If you prefer to load the jar manually, in Burp Suite (community or pro), use
Extender -> Extensions -> Addto load
Right click on a request and click
Launch Smuggle probe, then watch the extension's output pane under
Extender->Extensions->HTTP Request Smuggler
If you're using Burp Pro, any findings will also be reported as scan issues.
If you right click on a request that uses chunked encoding, you'll see another option marked
Launch Smuggle attack. This will open a Turbo Intruder window in which you can try out various attacks by editing the
For more advanced use watch the video.
By changing the 'prefix' variable in step 7, you can solve all the labs and virtually every real-world scenario.