Enlarge your burp or how not to be afraid of JavaDocs
Igor Bulatenko Ivan Elkin
Sources
https://goo.gl/oYjBTg (python)
#whoami
• #videns
• Head of QIWI application security department
• Former security software developer
• CTF player and organizer (TechnoPandas)
• JBFC member
What it's all about
• Why people (us) use Burp
• Burp 101
• Official info
• Other presentations
• Internals
• Plugins
Isitgood?
• #1 among web scanners*
• Cross-platform
• Good for manual vulnerability testing
• Can scan the whole internet
• Has plugins
• Most popular vulnerability checks
• Gartner "challenger" for AST
Unofficial info
http://www.slideshare.net/jasonhaddix/bsides-final
http://www.slideshare.net/AugustDetlefsen/burp-extensions
http://www.slideshare.net/marcwickenden/burp-plugin-development-for-java-n00bs-44-con
http://www.agarri.fr/docs/HiP2k13-Burp_Pro_Tips_and_Tricks.pdf
http://www.youtube.com/watch?v=Q2WK5LpDbxw
http://www.youtube.com/watch?v=N-IKHmGjf2c
https://twitter.com/everythingburp
http://www.slideshare.net/AugustDetlefsen/appsec-usa-2015-customizing-burp-suite
Why improve it?
• Incorrect use of the API
• Scan completeness
• Time needed to implement new techniques
How it works (spidering)
How it works (active scan)
Demo 01
• Simplest plugin
• Show logging functionality (stdout, stderr)
• Log insertion point info
• Nested insertion point
• doActiveScan
• How to debug in Python (Jython)
Demo 02
• doActiveScan
• Building the request for the attack
• How requests are counted (Scanner tab)
• Send requests via callbacks or via Jython
• Highlighting in requests/responses
Demo 03
• Error message check (http://virvales.blogspot.ru/2015/08/burp-stacktrace-sniffer.html)
• HttpListener
• Manually adding a scan issue
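The three Demo 03 bullets combined, as an added example written for this page (not the authors' demo code): a Jython Burp extension that registers an `IHttpListener`, checks every response body for stack-trace signatures, logs through the extension's stdout, and reports a finding by hand with `callbacks.addScanIssue()`. The signature list and the sample response are constructed; the detection logic is kept in plain functions so it also runs outside Burp, where the `burp` package is replaced by empty stand-ins.

```python
# Added example (not from the slides): stack-trace sniffer as an IHttpListener
# that adds scan issues manually. Plain-Python detection, Burp glue at the bottom.
import re

try:
    from burp import IBurpExtender, IHttpListener, IScanIssue
except ImportError:  # outside Burp: empty stand-ins so the module still loads
    class IBurpExtender(object): pass
    class IHttpListener(object): pass
    class IScanIssue(object): pass

# Signatures of common server-side stack traces (constructed list; extend as needed).
STACK_TRACE_PATTERNS = [
    ("Java", re.compile(r"^\s+at [\w$.]+\([\w$]+\.java:\d+\)", re.M)),
    ("Python", re.compile(r"Traceback \(most recent call last\):")),
    ("PHP", re.compile(r"(Fatal error|Warning|Notice): .* in /\S+\.php on line \d+")),
    ("ASP.NET", re.compile(r"Server Error in '.*' Application")),
]

# Constructed sample response used when running the module outside Burp.
SAMPLE_RESPONSE = ("HTTP/1.1 500 Internal Server Error\r\nContent-Type: text/html\r\n\r\n"
                   "java.lang.NullPointerException\n"
                   "\tat com.example.shop.CartService.total(CartService.java:42)\n")


def response_body(raw):
    """Body of a raw HTTP response: everything after the first blank line."""
    head, sep, body = raw.partition("\r\n\r\n")
    return body if sep else ""


def find_stack_traces(body):
    """Names of every stack-trace signature found in a response body."""
    return [name for name, pattern in STACK_TRACE_PATTERNS if pattern.search(body)]


def check_sample():
    """Run the detector over SAMPLE_RESPONSE; returns ['Java']."""
    return find_stack_traces(response_body(SAMPLE_RESPONSE))


class StackTraceIssue(IScanIssue):
    """A finding built by hand; Burp lists it in the Scanner tab once added."""

    def __init__(self, http_service, url, message, names):
        self._service, self._url, self._message, self._names = http_service, url, message, names

    def getUrl(self): return self._url
    def getIssueName(self): return "Stack trace disclosed in response"
    def getIssueType(self): return 0x08000000  # Burp's "extension generated issue" type
    def getSeverity(self): return "Low"
    def getConfidence(self): return "Firm"
    def getIssueBackground(self): return None
    def getRemediationBackground(self): return None
    def getIssueDetail(self):
        return "The response contains a %s stack trace." % ", ".join(self._names)
    def getRemediationDetail(self):
        return "Disable detailed error pages in production and return a generic error."
    def getHttpMessages(self): return [self._message]
    def getHttpService(self): return self._service


class BurpExtender(IBurpExtender, IHttpListener):
    """Entry point Burp looks for; a Jython extension needs exactly this class name."""

    def registerExtenderCallbacks(self, callbacks):
        self._callbacks = callbacks
        self._helpers = callbacks.getHelpers()
        self._seen = set()  # (host, path) pairs already reported, to avoid duplicate issues
        callbacks.setExtensionName("Stack trace sniffer (example)")
        callbacks.registerHttpListener(self)
        callbacks.printOutput("stack trace sniffer loaded")  # extension stdout tab

    def processHttpMessage(self, toolFlag, messageIsRequest, messageInfo):
        if messageIsRequest:
            return
        raw = self._helpers.bytesToString(messageInfo.getResponse())
        names = find_stack_traces(response_body(raw))
        if not names:
            return
        url = self._helpers.analyzeRequest(messageInfo).getUrl()
        key = (url.getHost(), url.getPath())
        if key in self._seen:
            return
        self._seen.add(key)
        self._callbacks.printOutput("stack trace (%s) at %s" % (", ".join(names), url))
        self._callbacks.addScanIssue(
            StackTraceIssue(messageInfo.getHttpService(), url, messageInfo, names))
```

`addScanIssue()` does not de-duplicate the way `IScannerCheck.consolidateDuplicateIssues()` does for scanner checks, which is why the listener keeps its own set of reported (host, path) pairs; without it every proxied request to a leaking page produces another issue.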
You’re doing it wrong
Right way
Demo 04
• InsertionPointProvider
• CustomInsertionPoint, necessary methods
• Logging payloads
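The Demo 04 bullets (and the "nested insertion point" item of Demo 01), as an added example written for this page rather than the authors' demo code: a Jython `IScannerInsertionPointProvider` plus a custom `IScannerInsertionPoint` with the methods Burp requires, logging each payload it builds. It assumes a URL-encoded body parameter named `data` (an assumed name) that carries a JSON document; Burp treats that as one opaque value, so the provider exposes each scalar JSON leaf as its own insertion point. The sample document is constructed, and outside Burp the `burp` interfaces are replaced by stand-ins so the pure-Python part can be run.

```python
# Added example (not from the slides): nested insertion points for a JSON document
# wrapped in a body parameter. Plain-Python JSON handling, Burp glue at the bottom.
import json

try:
    from burp import (IBurpExtender, IScannerInsertionPointProvider,
                      IScannerInsertionPoint, IParameter)
except ImportError:  # outside Burp: stand-ins carrying the two constants used below
    class IBurpExtender(object): pass
    class IScannerInsertionPointProvider(object): pass
    class IScannerInsertionPoint(object): INS_EXTENSION_PROVIDED = 0x41
    class IParameter(object): PARAM_BODY = 1

WRAPPER_PARAM = "data"  # assumed name of the body parameter holding the JSON
# Constructed sample document used when running outside Burp.
SAMPLE_JSON = '{"user":{"name":"alice","roles":["admin","dev"]},"page":2}'


def json_leaves(node, path=()):
    """Yield (path, value) for every scalar in a parsed JSON document."""
    if isinstance(node, dict):
        for key in sorted(node):
            for leaf in json_leaves(node[key], path + (key,)):
                yield leaf
    elif isinstance(node, list):
        for index, item in enumerate(node):
            for leaf in json_leaves(item, path + (index,)):
                yield leaf
    else:
        yield path, node


def with_leaf(node, path, value):
    """Copy of the document with the scalar at `path` replaced by `value`."""
    if not path:
        return value
    copy = dict(node) if isinstance(node, dict) else list(node)
    copy[path[0]] = with_leaf(node[path[0]], path[1:], value)
    return copy


def inject(json_text, path, payload):
    """Re-serialize the document with `payload` substituted at `path`."""
    doc = with_leaf(json.loads(json_text), path, payload)
    return json.dumps(doc, separators=(",", ":"), sort_keys=True)


def point_name(path):
    return WRAPPER_PARAM + "/" + "/".join(str(step) for step in path)


def sample_point_names():
    """Insertion point names the provider would create for SAMPLE_JSON."""
    return [point_name(path) for path, _ in json_leaves(json.loads(SAMPLE_JSON))]


class JsonLeafInsertionPoint(IScannerInsertionPoint):
    """One scanner insertion point per JSON scalar inside the wrapper parameter."""

    def __init__(self, helpers, callbacks, base_request, json_text, path):
        self._helpers, self._callbacks = helpers, callbacks
        self._base_request, self._json_text, self._path = base_request, json_text, path

    def getInsertionPointName(self):
        return point_name(self._path)

    def getBaseValue(self):
        return "%s" % dict(json_leaves(json.loads(self._json_text)))[self._path]

    def buildRequest(self, payload):
        text = self._helpers.bytesToString(payload)
        self._callbacks.printOutput("[%s] payload: %r" % (point_name(self._path), text))
        # Re-encode the whole wrapper value; updateParameter inserts it verbatim
        # (assumed), so the new JSON is URL-encoded here.
        param = self._helpers.buildParameter(
            WRAPPER_PARAM, self._helpers.urlEncode(inject(self._json_text, self._path, text)),
            IParameter.PARAM_BODY)
        return self._helpers.updateParameter(self._base_request, param)

    def getPayloadOffsets(self, payload):
        return None  # payload is JSON- and URL-escaped, so it is not present verbatim

    def getInsertionPointType(self):
        return IScannerInsertionPoint.INS_EXTENSION_PROVIDED


class BurpExtender(IBurpExtender, IScannerInsertionPointProvider):
    def registerExtenderCallbacks(self, callbacks):
        self._callbacks = callbacks
        self._helpers = callbacks.getHelpers()
        callbacks.setExtensionName("Nested JSON insertion points (example)")
        callbacks.registerScannerInsertionPointProvider(self)

    def getInsertionPoints(self, baseRequestResponse):
        request = baseRequestResponse.getRequest()
        param = self._helpers.getRequestParameter(request, WRAPPER_PARAM)
        if param is None or param.getType() != IParameter.PARAM_BODY:
            return None
        try:
            json_text = self._helpers.urlDecode(param.getValue())
            paths = [path for path, _ in json_leaves(json.loads(json_text))]
        except ValueError:  # not JSON: leave it to Burp's built-in insertion points
            return None
        return [JsonLeafInsertionPoint(self._helpers, self._callbacks, request, json_text, p)
                for p in paths]
```

Every insertion point returned from `getInsertionPoints()` is scanned with the full active-check set, so the count in the Scanner tab grows by one request per payload per leaf; the `printOutput` line in `buildRequest()` is the cheapest way to see exactly which payload went into which leaf while debugging.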
The end (part 1)