Wednesday, time for some more THM!
Today we move on to the Burp Suite: Intruder module.
In this module we will cover What is Intruder, Payloads, Introduction to Attack Types, Sniper, Battering Ram, Pitchfork, Cluster Bomb and finish off with a range of practical examples!
Going through the Intruder module and it really urk’s me that the questions are done in this way.
As shown below the question asks the following –
As a hypothetical question: You need to perform a Battering ram Intruder attack on the example request above.
If you have a wordlist with two words in it (admin and Guest) and the positions in the request template look like this:username=§pentester§&password=§Expl01ted§
What would the body parameters of the first request that Burp Suite sends be?
As you would expect from the syntax of the question that you would include the selector § icon within your asnwer but no, of course you don’t…
Flag – THM{MTMxNTg5NTUzMWM0OWRlYzUzMDVjMzJl}
Answer – o.bennett:bella1
Overall, quite a good module which includes the teaching of macro’s within burp which I haven’t used to be fair which was good to learn!
Until next time & don’t sleepwalk through life!
Mapanen