
Collaborator feature to exfiltrate data

Maurizio Agazzini Jul 05, 2018 07:56AM UTC

Currently the Collaborator only allows you to understand whether a specific request generates an interaction with the Collaborator on its own payload. It would be very useful to add a feature to also show exfiltrated data in Burp.

For example, a normal collaborator DNS request is:

l8unsfv43bbasbil8bo4o4edl4rufj.pippo.pluto.net

Having the possibility to add data like this will help testers, for example:

XXXXXXXXXXXXXXXXXXXXXXl8unsfv43bbasbil8bo4o4edl4rufj.pippo.pluto.net

Currently this kind of request isn't shown inside Burp because the hostname doesn't match the one that has been generated.

Maurizio


Maurizio Agazzini Jul 05, 2018 09:47AM UTC
Ok, my fault... the feature is already implemented, just use the 4th level domain like:

XXXXXXXXXXXXXXXXXXXXXX.l8unsfv43bbasbil8bo4o4edl4rufj.pippo.pluto.net

Maurizio

Paul Johnston Jul 05, 2018 12:26PM UTC Support Center agent

Hi Maurizio,

Sure, that works at a technical level. If you are using this technique, you should be using a private Collaborator server. The license agreement with the public Collaborator forbids use for exploitation and exfiltration.

There is an extension that does something similar:

- https://github.com/NetSPI/BurpCollaboratorDNSTunnel

Please let us know if you need any further assistance.
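
The difference between the two hostnames in this thread comes down to DNS label boundaries. The following is an added example, not part of the original posts and not Burp's own code: it assumes an observed query is attributed to a generated hostname when the generated name is a label-wise suffix of the query, and the names `classify`, `report` and `SAMPLE_QUERIES` are hypothetical.

```python
# Added example: label-wise matching of observed DNS query names against a
# generated Collaborator hostname. The matching rule is an assumption drawn
# from the behaviour described in the thread, not Burp's implementation.

GENERATED = "l8unsfv43bbasbil8bo4o4edl4rufj.pippo.pluto.net"  # hostname quoted in the thread


def split_labels(name):
    """Split a DNS name into labels, dropping one trailing root dot."""
    if name.endswith("."):
        name = name[:-1]
    return name.split(".")


def classify(query, generated=GENERATED):
    """Return (status, extra_labels) for one observed query name.

    status is "exact", "subdomain", "no-match" or "invalid";
    extra_labels are the labels left of the generated hostname, leftmost first.
    """
    q = split_labels(query)
    g = split_labels(generated)
    # Reject malformed names: empty labels or labels over the 63-byte DNS limit.
    if any(not label or len(label) > 63 for label in q):
        return ("invalid", [])
    # DNS names compare case-insensitively, so compare lowercased labels.
    tail = [label.lower() for label in q[-len(g):]]
    if len(q) < len(g) or tail != [label.lower() for label in g]:
        return ("no-match", [])
    extra = q[:len(q) - len(g)]
    return ("subdomain", extra) if extra else ("exact", [])


SAMPLE_QUERIES = [  # constructed for this example from the names in the thread
    "l8unsfv43bbasbil8bo4o4edl4rufj.pippo.pluto.net",
    "XXXXXXXXXXXXXXXXXXXXXXl8unsfv43bbasbil8bo4o4edl4rufj.pippo.pluto.net",
    "XXXXXXXXXXXXXXXXXXXXXX.l8unsfv43bbasbil8bo4o4edl4rufj.pippo.pluto.net",
    "L8UNSFV43BBASBIL8BO4O4EDL4RUFJ.PIPPO.PLUTO.NET.",
    "a..l8unsfv43bbasbil8bo4o4edl4rufj.pippo.pluto.net",
]


def report(queries):
    """Classify every query and return (query, status, extra_labels) tuples."""
    return [(q, *classify(q)) for q in queries]


if __name__ == "__main__":
    for query, status, extra in report(SAMPLE_QUERIES):
        print(f"{status:10} extra={extra} {query}")
```

The same suffix check over resolver logs lets a defender see which queries carry extra labels in front of a known interaction hostname.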

