Burp Suite User Forum

Login to post

Feature request regarding Burp's "Turbo Intruder" extension.

Zarkones | Last updated: Aug 20, 2020 12:45PM UTC

Naturally "Turbo Intruder" feels like native feature of Burp proxy. And I've found it strange that we can not specify multiple injection points within a single request. (using "%s" symbol) Kind regards, your fellow researcher.

Michelle, PortSwigger Agent | Last updated: Aug 21, 2020 10:59AM UTC

It is possible to specify multiple injection points, there's an example for using multiple parameters you might want to take a look at: https://github.com/PortSwigger/turbo-intruder/blob/master/resources/examples/multipleParameters.py

Zarkones | Last updated: Aug 21, 2020 02:01PM UTC

Hmm, not quite what I was hoping for, while testing I've a need to inject the same payload into multiple points within the same request, by specifying '%s' multiple times.

Michelle, PortSwigger Agent | Last updated: Aug 25, 2020 02:15PM UTC

Can you explain the use case in a bit more detail, please? Once you have %s defined multiple times in the request how do you then see the payloads being assigned?

Sunil | Last updated: Feb 01, 2021 09:32PM UTC

I think I understand what Zarkones is asking. Let's say the request is something like username='abc'&password='password123' then let's say I have 2 wordlist one each for username and password and I want to a cluster bomb attack. The Turbo intruder should accept injection points at 'abc' and 'password123'. So, it will look something like username=%s&password=%t so that %s will get its own set of words and %t will gets it own words. I know this is possible via the simple list but let's say I want to do some processing when running through both these wordlists then Turbo intruder would be very useful. Currently it supports only one injection point which limits the use.

Michelle, PortSwigger Agent | Last updated: Feb 02, 2021 09:07AM UTC

You might find the multipleParameters.py example in TurboIntruder useful. When multiple payload positions are specified in the request, you can then set different source files for the different positions.

adadada | Last updated: Jun 26, 2022 07:45PM UTC

Hi portswigger team, Is it possible to add the same word-list in the request in turbo-intruder? Example: GET https://FUZZ/ HTTP/1.1 Host: FUZZ I want to send the same word-list twice at the same time. Example: GET https://1270.0.0.1/ HTTP/1.1 Host: 1270.0.0.1 Thanks

adadada | Last updated: Jun 26, 2022 07:47PM UTC

Cool, The issue has been resolved. With this configuration: def queueRequests(target, wordlists): engine = RequestEngine(endpoint=target.endpoint, concurrentConnections=5, requestsPerConnection=100, pipeline=False ) for firstWord in open('/usr/share/dict/words'): engine.queue(target.req, [firstWord.rstrip(), firstWord.rstrip()]) def handleResponse(req, interesting): # currently available attributes are req.status, req.wordcount, req.length and req.response if req.status != 404: table.add(req) Thanks

You need to Log in to post a reply. Or register here, for free.