
Intruder - Attack Types - How can I use dynamic numbers for only one param while attacking other params

my Nov 26, 2019 11:10AM UTC

I have a request that needs a different attack type, for example:
register_user.php?name=[payload1]&address=[payload2]&mail=[payload3]
And a payload list with 100 lines.
I want to test the following results:

Payload1 = 1
payload2 = Injection_Test_1
Payload3 = default/blank

Payload1 = 2
payload2 = Injection_Test_2
Payload3 = default/blank

...

Payload1 = 100
payload2 = default/blank
Payload3 = Injection_test_1
..


Payload1 = 200
payload2 = default/blank
Payload3 = Injection_test_100


200 requests in total. Param1's value is unique for every request and I don't want to attack that.

In this case, I need to attack the parameters using the sniper attack type, IMO, because I don't want the multiple requests that pitchfork or cluster bomb do. They have different behaviors than I need.

The sniper attack type is a better fit for my case, but the sniper attack type only allows setting 1 payload set, because it attacks all payload positions with the same payload set in order.

The sniper attack type allows the following result:
Payload1 = Injection_test_1
payload2 = default/blank
Payload3 = default/blank
...
Payload1 = Injection_test_100
payload2 = default/blank
Payload3 = default/blank
...
Payload1 = default/blank
payload2 = default/blank
Payload3 = Injection_test_100

300 requests in total. Also, Payload1 is attacked and it doesn't have a unique value while the other injections are running.
I think I can use a macro to set Payload1, but it's just a workaround. Also, there is no need to use a macro rule for getting Payload1's value (iterating a number is OK).
I am curious whether there is an alternative way of doing this job.


my Nov 26, 2019 11:27AM UTC
For a workaround,
I use this extension
https://portswigger.net/bappstore/36d6d7e35dac489b976c2f120ce34ae2

Liam Tai-Hogan Nov 26, 2019 01:14PM UTC Support Center agent

Have you tried using the Turbo Intruder extension?

- https://portswigger.net/bappstore/9abaa233088242e8be252cd4ff534988

Attacks are configured using Python. This enables handling of complex requirements such as signed requests and multi-step attack sequences.
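
The request sequence asked for in this thread, written as a Turbo Intruder script; this is an added example, not part of the original thread and not PortSwigger's code. The helper name `sniper_with_counter`, the constructed payload list, the blank defaults and a request template with three `%s` markers (name, address, mail) are assumptions.

```python
# Added example. RequestEngine, target and table are supplied by Turbo Intruder
# at run time; everything else here is plain Python (2.7 and 3 compatible).

# Constructed sample data: 100 payloads, and blank defaults for address and mail.
PAYLOADS = ['Injection_Test_%d' % i for i in range(1, 101)]
DEFAULTS = ['', '']


def sniper_with_counter(payloads, defaults, start=1):
    """Yield (counter, value_1, ..., value_n), one tuple per request.

    Positions are fuzzed one at a time, sniper style, while the others keep
    their default. The counter is never fuzzed and is unique per request.
    """
    counter = start
    for attacked in range(len(defaults)):
        for payload in payloads:
            values = list(defaults)
            values[attacked] = payload
            yield (counter,) + tuple(values)
            counter += 1


def queueRequests(target, wordlists):
    # Assumed template in the Turbo Intruder request pane:
    #   GET /register_user.php?name=%s&address=%s&mail=%s HTTP/1.1
    engine = RequestEngine(endpoint=target.endpoint,
                           concurrentConnections=1,
                           requestsPerConnection=100,
                           pipeline=False)
    for counter, address, mail in sniper_with_counter(PAYLOADS, DEFAULTS):
        engine.queue(target.req, [str(counter), address, mail])


def handleResponse(req, interesting):
    # Keep every response so the 200 results can be compared in the table.
    table.add(req)
```

With two attacked positions and 100 payloads this queues 200 requests, with the counter running from 1 to 200.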

