728x90 AdSpace

  • Latest News

    Wednesday, 16 August 2017

    Understanding burp suite intruder attack type

    Burp Suite is one of the most popular intercepting proxies out there and it features an Intruder option which allows us to enumerate over parameters with payloads from wordlists. This Intruder option is very powerful, extensive and could be used in a lot of various combinations to produce some amazing results. In this article, we’re going to be looking at the different attack types Intruder features.

    The Burp Suite’s Intruder option comes with 4 attack modes, viz.,

    SniperBattering RamPitchforkCluster Bomb

    We’re going to take a closer look at them, for which we’re going to use the following request and wordlists.

    The request

    POST / HTTP/1.1 Host: 10.10.10.100:33664 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Referer: http://10.10.10.100:33664/ Connection: close Upgrade-Insecure-Requests: 1 Content-Type: application/x-www-form-urlencoded Content-Length: 13 password=test

    You enter your own wordlists by clicking on load.

    The request and the wordlists we are using might not be the best example of a real-world scenario where you’d use the Burp Intruder, but our goal is to understand the attack types and it serves that purpose well enough.


    Sniper

    Wordlists: Single

    The sniper attack enumerates over each parameter, one at a time. So if you have multiple parameters, it will enumerate the first parameter with all the payloads from the wordlist supplied and then move on to the second and so on.

    Format:

    1st request - param1=wordlist[0]&param2= 2nd request - param1=wordlist[1]&param2= ... After enumerating through param1 with all the payloads from wordlist, 1st request - param1=&param2=wordlist[0] 2nd request - param1=&param2=wordlist[1] ...

    Battering Ram

    Wordlists: Single

    The battering ram attack enumerates over multiple parameters with the same payload for all the parameters.

    Format:

    1st req - param1=wordlist[0]&param2=wordlist[0] 2nd req - param1=wordlist[1]&param2=wordlist[1] ...

    Pitchfork

    Wordlists: Multiple

    The pitchfork attack type enumerates over multiple parameters at the same time using different payloads for each parameter at the same time.

    Format:

    1st request - param1=wordlist1[0]&param2=wordlist2[0] 2nd request - param1=wordlist1[1]&param2=wordlist2[1] ...

    Cluster Bomb

    Wordlists: Multiple

    The cluster bomb attack type enumerates over multiple parameters by using all the possible combinations of payloads from the multiple wordlists.

    So if you have multiple parameters, it will enumerate over one of the parameters with all the payloads from its respective wordlist, while the other parameters have the first payload from their respective wordlists loaded.

    Format:

    1st request - param1=wordlist1[0]&param2=wordlist2[0] 2nd request - param1=wordlist1[1]&param2=wordlist2[0] 3rd request - param1=wordlist1[2]&param2=wordlist2[0] ... After enumerating through param1 with all the payloads from wordlist1, 1st request - param1=wordlist1[0]&param2=wordlist2[1] 2nd request - param1=wordlist1[1]&param2=wordlist2[1] 3rd request - param1=wordlist1[2]&param2=wordlist2[1] ...

     

    • Blogger Comments
    • Facebook Comments

    0 comments:

    Post a Comment

    Item Reviewed: Understanding burp suite intruder attack type Rating: 5 Reviewed By: Unknown
    Scroll to Top