Skip to content

depycode/burpsuite_hack

BranchesTags

Repository files navigation

burpsuite_hack

一款代理扫描器

  • 适配python3.6+

  • 支持 GET/POST/无限嵌套json、list的漏洞探测

  • 扫描请求去重

  • 基本不会触发WAF,最小化探测

详细请见:https://www.cnblogs.com/depycode/p/17079397.html

整体架构

image

使用方法

  • burpsuite 插件加载:BurpExtender_ALL_UI.py ,修改socks host、port 为扫描端对应的ip和端口,然后点击set image image

  • 扫描端启动

nohup python3 MyUDPHandler_Threads.py &

创建数据库

+--------------------+
| Tables_in_burphack |
+--------------------+
| sql_bool           |
| sql_error          |
| ssrf               |
+--------------------+

+----------+-------------------------------------------------------------------+
| Database | Create Database                                                   |
+----------+-------------------------------------------------------------------+
| burphack | CREATE DATABASE `burphack` /*!40100 DEFAULT CHARACTER SET utf8 */ |
+----------+-------------------------------------------------------------------+

+----------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Table    | Create Table                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         |
+----------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| sql_bool | CREATE TABLE `sql_bool` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `host` varchar(255) NOT NULL,
  `risk` int(11) NOT NULL,
  `bool_true_resp` mediumtext NOT NULL,
  `bool_true_req` mediumtext NOT NULL,
  `bool_false_resp` mediumtext,
  `bool_false_req` mediumtext,
  `first_resp` mediumtext NOT NULL,
  `payload` varchar(255) NOT NULL,
  `first_req` mediumtext NOT NULL,
  `create_time` timestamp NULL DEFAULT CURRENT_TIMESTAMP,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8 COMMENT='bool型sql注入'    |
+----------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+

+-----------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Table     | Create Table                                                                                                                                                                                                                                                                                                                              |
+-----------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| sql_error | CREATE TABLE `sql_error` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `request_data` mediumtext,
  `response` mediumtext,
  `host` varchar(255) DEFAULT NULL,
  `dbms` varchar(255) DEFAULT NULL,
  `create_time` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8 |
+-----------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+

+-------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Table | Create Table                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
+-------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| ssrf  | CREATE TABLE `ssrf` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `payload` varchar(255) DEFAULT NULL,
  `request_data` mediumtext,
  `response` mediumtext,
  `host` varchar(255) DEFAULT NULL,
  `is_vul` int(11) DEFAULT '0' COMMENT '0 默认值\n1 存在漏洞',
  `create_time` timestamp NULL DEFAULT CURRENT_TIMESTAMP,
  `vuType` int(11) DEFAULT NULL COMMENT '1  ssrf\n2  rce',
  PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=16625 DEFAULT CHARSET=utf8 COMMENT='历史ssrf探测请求'              |
+-------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+

实战成果

  • TSRC

image

参考

About

一款代理扫描器

Resources

Readme
Activity

Stars

514 stars

Watchers

7 watching

Forks

64 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages