Burp Suite User Forum

Intruder - Attack Types - How can I use dynamic numbers for only one param while attacking other params

my | Last updated: Nov 26, 2019 11:10AM UTC

I have a request that needs a different attack type, for example:

register_user.php?name=[payload1]&address=[payload2]&mail=[payload3]

and a payload list with 100 lines. I want to test for the following results:

Payload1 = 1, Payload2 = Injection_Test_1, Payload3 = default/blank
Payload1 = 2, Payload2 = Injection_Test_2, Payload3 = default/blank
...
Payload1 = 100, Payload2 = default/blank, Payload3 = Injection_test_1
..
Payload1 = 200, Payload2 = default/blank, Payload3 = Injection_test_100

200 requests in total. The Param1 value is unique for every request and I don't want to attack that.

In this case, I need to attack the parameters using the sniper attack type, IMO, because I don't want the multiple requests that pitchfork or cluster bomb produce. They have different behaviors than I need. The sniper attack type fits my case better, but the sniper attack type only allows setting 1 payload set, because it attacks all payload positions with the same payload set in order. The sniper attack type allows the following result:

Payload1 = Injection_test_1, Payload2 = default/blank, Payload3 = default/blank
...
Payload1 = Injection_test_100, Payload2 = default/blank, Payload3 = default/blank
...
Payload1 = default/blank, Payload2 = default/blank, Payload3 = Injection_test_100

300 requests in total. Also, Payload1 is attacked and it doesn't have a unique value while the other injections are going on.

I think I can use a macro to set Payload1, but it's just a workaround. Also, there is no need to use a macro rule for getting Payload1's value (iterating a number is OK). I am curious whether there is an alternative way of doing this job.

Burp User | Last updated: Nov 26, 2019 11:27AM UTC

For a workaround, I use this extension https://portswigger.net/bappstore/36d6d7e35dac489b976c2f120ce34ae2

Liam, PortSwigger Agent | Last updated: Nov 26, 2019 01:12PM UTC

Have you tried using the Turbo Intruder extension? - https://portswigger.net/bappstore/9abaa233088242e8be252cd4ff534988 Attacks are configured using Python. This enables handling of complex requirements such as signed requests and multi-step attack sequences.
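
The request sequence asked for in the question, as an added example that is not part of the original thread and is not Burp or Turbo Intruder code: plain Python that applies one payload list to the chosen positions one at a time while a separate parameter carries a unique, increasing number. The function names and the 100-entry payload list are constructed for illustration.

```python
from itertools import count
from urllib.parse import urlencode

def sniper_with_counter(params, counter_param, attack_params, payloads, start=1):
    """Yield one dict of parameter values per request.

    params        -- ordered mapping of parameter name -> default value
    counter_param -- parameter that gets a unique, increasing number
    attack_params -- parameters attacked one at a time (sniper style)
    payloads      -- the single payload list used for every attacked parameter
    """
    if counter_param in attack_params:
        raise ValueError("counter parameter must not be an attack position")
    missing = [p for p in [counter_param, *attack_params] if p not in params]
    if missing:
        raise ValueError("unknown parameter(s): %s" % ", ".join(missing))
    counter = count(start)
    for position in attack_params:
        for payload in payloads:
            values = dict(params)  # every other position keeps its default
            values[counter_param] = str(next(counter))
            values[position] = payload
            yield values

def build_urls(path, rows):
    """Render each row as a URL-encoded query string on the given path."""
    return ["%s?%s" % (path, urlencode(row)) for row in rows]

# Constructed sample data matching the request in the question.
DEFAULTS = {"name": "", "address": "", "mail": ""}
PAYLOADS = ["Injection_Test_%d" % i for i in range(1, 101)]

def plan():
    """100 payloads x 2 attacked positions, with 'name' as the counter."""
    return list(sniper_with_counter(DEFAULTS, "name", ["address", "mail"], PAYLOADS))

if __name__ == "__main__":
    rows = plan()
    print(len(rows), "requests")
    # First two, the switch from 'address' to 'mail', and the last request.
    for url in build_urls("/register_user.php", rows[:2] + rows[99:101] + rows[-1:]):
        print(url)
```

The counter keeps running across positions, so no two requests share a `name` value even after the attack moves from `address` to `mail`.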
