Burp Suite User Forum


Turbo intruder has encoding base64??

Alen | Last updated: Oct 07, 2023 02:55PM UTC

Hi dear, I have a target whose login page is encoded with base64 (user password). I could easily attack it successfully with Intruder because it had a payload rule that encodes credentials to base64 or a hash or ..., but in Turbo Intruder I can't find any settings for base64. My target is the same, but I have no idea how I can be successful with Turbo Intruder, and it's also important for me because Turbo is much faster. Please help me. Thank you

Hannah, PortSwigger Agent | Last updated: Oct 09, 2023 09:17AM UTC

Hi

The main benefit of Turbo Intruder is that you can apply any custom logic you like using Python/Jython.

You may find the following guide useful: https://www.educative.io/answers/how-to-use-base64b64encode-in-python

You can find a basic example below:
import base64

def queueRequests(target, wordlists):
    engine = RequestEngine(endpoint=target.endpoint,
                           concurrentConnections=5,
                           requestsPerConnection=100,
                           pipeline=False
                           )

    # Base64-encode the payload before queueing it; the encoded value
    # replaces the %s marker in the base request (target.req)
    string = 'asdf'
    string_encode = string.encode('utf-8')
    encoded = base64.b64encode(string_encode)
    # Queue the same encoded payload ten times
    for i in range(10):
        engine.queue(target.req, encoded)


def handleResponse(req, interesting):
    # currently available attributes are req.status, req.wordcount, req.length and req.response
    # Add every response that is not a 404 to the results table
    if req.status != 404:
        table.add(req)

Alen | Last updated: Oct 11, 2023 06:21PM UTC

Hi agent Hannah, thank you for the help, it worked successfully. Now my new question is: how can I attack in this way (base64 encoding) on multiple hosts or multiple IP targets? (They are the same product and port.) In your example script, where do I write or retrieve the IP/domain names list in a .txt file?

Hannah, PortSwigger Agent | Last updated: Oct 12, 2023 10:07AM UTC

Hi

You can find the documentation for using Turbo Intruder here: https://portswigger.net/research/turbo-intruder-embracing-the-billion-request-attack

It looks like there is a multi-host example script built in to Turbo Intruder. You can find it in the scripts dropdown when you are configuring an attack.

Alen | Last updated: Oct 20, 2023 10:50AM UTC

Hi dear Hannah and other friends, sorry for disturbing you again. In your example, instead of one string (string = 'asdf'), how can I write a password list file path and attack with my passlist? Best regards

Hannah, PortSwigger Agent | Last updated: Oct 20, 2023 12:38PM UTC

You could provide an array of items and loop through those. Alternatively, you could read input directly from a file. As you can use Python code to write your own custom logic, there is a wide variety of functionality you can implement.

Alen | Last updated: Oct 20, 2023 01:21PM UTC

OK, that's right, but I am a beginner at Python and Burp Suite. Can you please write your example as you wrote it before and just add how to write the passlist path directory instead of one string? Thank you

Hannah, PortSwigger Agent | Last updated: Oct 23, 2023 10:32AM UTC

Hi

The basic.py example shows how to queue requests using information retrieved from the filesystem. Make sure that you replace the file path with one that is valid on your machine!
