When you try to fuzz a certain parameter, the fuzz payload is misplaced.
Steps:
Create a request like this:
GET / HTTP/1.0
TestHeader:FuzzThisDigit-0
Highlight the 0 after "FuzzThisDigit-"
Click Add
Select a Base number payload.
Run the Fuzz.
Expected Results:
The number 0 is changed to the numbers in the payload.
Actual Results:
The dash character, right before the zero, is fuzzed instead.
See screenshot attached.
You can validate the results in the "On the Wire" window or by hooking up a packet capture.
Other Notes:
It appears that everytime there is a line feed the location is off by one character... almost as if the location SELECTOR is not counting the Line Feeds, but the actual fuzzer is.
I did some testing and found that this use to work in version 1.3. But from version 1.4 and up, all the way to version 2.1 it is broken.
I tested this on Windows 2003 and Windows XP using Java 6 Update 20.
Screen shot of misplaced payload.
This has now being addressed in the 2.2 release. Thank you for your post, please keep them coming!