ZIP File Raider - Burp Extension For ZIP File Payload Testing

ZIP File Raider is a Burp Suite extension for attacking web applications with ZIP file upload functionality. You can easily inject Burp Scanner/Repeater payloads in the ZIP content of HTTP requests, which is not possible by default. This extension helps to automate the extraction and compression steps.
This software was created by Natsasit Jirathammanuwat during a cooperative education course at King Mongkut's University of Technology Thonburi (KMUTT).

Installation
  1. Set up Jython standalone Jar in Extender > Options > Python Environment > "Select file...".
  2. Add ZIP File Raider extension in Extender > Extensions > Add > CompressedPayloads.py (Extension type: Python)

How to use

Send the HTTP request with a compressed file to the ZIP File Raider
First, right-click on the HTTP request with a compressed file in the HTTP body and then select "Send request to ZIP File Raider extender Repeater" or Scanner.



Repeater
This Repeater tab makes it possible to edit the content of the compressed file and then repeat it to the server promptly.


Descriptions for ZIP File Raider - Repeater tab:
  1. Files and folders pane - list of files and folders in the compressed file which is sent from the previous step (Send request to ...), select a file to edit its content.
  2. Edit pane - edit the content of the selected file in text or hex mode (press "Save" after editing one file if you want to edit multiple files in a ZIP file).
  3. Request/Response pane - The HTTP request/response will be shown in this pane after clicking on the "Compress & Go" button.

Scanner
This Scanner tab is used for setting the §insertion point§ in the content of the ZIP file before sending it to Burp Scanner.


Descriptions for ZIP File Raider - Scanner tab:
  1. Files and folders pane - list of files and folders in the compressed file which is sent from the previous step (Send request to ...), select a file in which you want to set the §insertion points§.
  2. Set insertion point pane - set an insertion point in the content of the selected file by clicking on the "Set insertion point" button. (The insertion point will be enclosed with a pair of § symbols)
  3. Config/Status pane - configure the scanner and show the scanner status (Not Running/Running).
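
The extraction and compression steps that the Repeater and Scanner tabs automate can be sketched as follows. This is an added example, not code from CompressedPayloads.py: the function names, the single-insertion-point assumption, the constructed sample archive and the harmless test value are all assumptions made for illustration.

```python
import io
import zipfile

MARK = "\u00a7"  # the § symbol that encloses an insertion point


def split_insertion_point(marked_text):
    """Return (prefix, base_value, suffix) around the single §...§ pair."""
    parts = marked_text.split(MARK)
    if len(parts) != 3:
        raise ValueError("expected exactly one pair of § markers")
    return tuple(parts)


def rebuild_zip(original_zip, member, marked_text, test_value):
    """Return new ZIP bytes in which `member` holds marked_text with its
    §...§ region replaced by test_value; every other entry is copied."""
    prefix, _base, suffix = split_insertion_point(marked_text)
    new_body = (prefix + test_value + suffix).encode("utf-8")
    out = io.BytesIO()
    with zipfile.ZipFile(io.BytesIO(original_zip)) as src:
        if member not in src.namelist():
            raise KeyError(member)
        with zipfile.ZipFile(out, "w") as dst:
            for info in src.infolist():
                data = new_body if info.filename == member else src.read(info)
                # Reusing the ZipInfo keeps name, timestamp and compression;
                # size and CRC are recomputed for the new data.
                dst.writestr(info, data)
    return out.getvalue()


def make_sample_zip():
    """Constructed two-file archive standing in for an uploaded ZIP."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("config.xml", "<name>demo</name>")
        zf.writestr("readme.txt", "unchanged")
    return buf.getvalue()


if __name__ == "__main__":
    rebuilt = rebuild_zip(make_sample_zip(), "config.xml",
                          "<name>§demo§</name>", "ZFR-TEST-1")
    with zipfile.ZipFile(io.BytesIO(rebuilt)) as zf:
        for name in zf.namelist():
            print(name, zf.read(name))
```

The rebuilt bytes are what would replace the compressed file in the HTTP body before the request is repeated.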

Author
Natsasit Jirathammanuwat