1.4.baseline replace mode
1.4. about baseline/replace mode
Note: When using the intruder / repeater / scanner(burptool), be sure to select the request to be tested from the macro request list and execute "SendTo burptool".
- baseline mode
If you select baseline mode, you can test parameters tracked and updated in MacroBuilder with BurpTool (scanner / repeater / intruder)
The intruder / scanner has a baseline request to hold the original value before tampering for test.
As shown in the figure below, when the pattern ['||'] is added to the parameter, only the parameter baseline part is updated, and the added pattern remains.so, you can test with a tool that inserts / appends a pattern to baseline request.
by contrast, repeater tool has no baseline request. so, MacroBuilder has baseline buffer for repeater which holds current repeater request as baseline. if you test MacroBuilder's request with repeater, you might select "■update baseline■" in popup menu which updates baseline buffer with current repeater request.
Note: When you want to test with scanner / intruder after used with repeater tool in baseline mode, you should select "■Clear baseline■" menu on the scanner / intruder screen or you should select the request to test from the Macro Request List and send to the scanner / intruder with sendTo popup menu. Without you take this action, then repeater's baseline buffer affects to scanner/intruder's baseline, so parameter tracking/update may failed.
- replace mode
When replace mode is selected, as shown in the figure below, if the pattern ['||'] is added to the parameter, the parameter baseline part + the whole pattern is tracked and updated. Therefore, tracking/update parameters in the replace mode is not subject to test.