Filter Results Intruder
Hey, I recently started using Burp and I preformed an intruder test using cluster bomb with two payloads (user & pass).
I had approximately 1 million requests sent to the local server. The problem is that there is only one way to find out if any of the payloads successfully worked/got a hit.
And that way is to either check "Response 1" (there are two responses) for the value of "Location" (since this is the only indicator that the payload worked). The other way is to check "Request 2" for the value of the GET Header Request and see the URL Location there.
Exporting the file is a pain considering there are over 110 million lines.
I have the pro version of burp and I am able to use the filtering using search terms in Intruder, although I do not know if it's possible to search "Response 1" tab (rather than the second response which is useless) or the "Request 2" tab.
I could in theory redo the attack and change some settings so it's easier to filter, but doing one million requests took me about 24 hours. I do not want to wait again.
How can I filter my result using the criteria described above? If it's not possible with Burp, which tool should use?
Thanks for all answers.
Thanks for your message.
Have you tried configuring the settings in Intruder > Options > Attack results.
These settings control what information is captured in the attack results. You can select with the Intruder attack will store requests or responses.
Please let us know if you need any further assistance.
I have not touched the default settings:
I am trying to filter the attack results I currently have. I really do not want to redo the attack as it takes too long. Do you have any suggestions on how to filter the current result to show what I want rather than redoing the attack?
I have saved the server responses, but these only include the "Response 2" tab. I have also selected some items and saved them, but these do not include "Response 1" nor "Request 2" data made by Burp suite.
Is there anyway to either filter the result I have gotten from the attack or anyway to save those data gathered by Burp?
I just need to see if the redirection after the first request is to a specific url and if it is, save the payload since it's a successful paypal.
For example if:
Payload 1 = Admin
Payload 2 = Password
This is the only way to know if the payload worked or not (by checking the second request or the first response).
Any ideas how to filter for these results?
Have you tried using the filter bar in the attack window? You could try filtering by a specific search term that only appears when the redirect is followed.