Shulou(Shulou.com)06/01 Report--

This article shows you how to use the Burp Suite plug-in in python, the content is concise and easy to understand, it will definitely brighten your eyes. I hope you can get something through the detailed introduction of this article.

IBurpExtender:

All plug-ins must implement this interface, the class name must be "BurpExtender", and a default constructor must be provided.

IBurpExtender is used to register extensions on burp, and there is also a registerExtenderCallbakcs class method to implement in IBurpExtender:

When the extension is called, an IBurpExtenderCallbacks instance is registered, which provides many common operations:

First complete and understand part of the code:

IIntruderPayloadGeneratorFactory:

Call IBurpExtenderCallbacks.registerintruder

PayloadGeneratorFactory () registers a payload generator.

Below this class, there are two class methods that need to implement "createNewInstance" and "getGeneratorName"

CreateNewInstance method: create a new instance of the payload generator that will return an instance of the payload generator when launching a plug-in attack.

GetGeneratorName method: used to get the name of the payload generator

Continue to complete and understand the code:

Now that we have registered the payload generator, we need to define our payload generator with an interface class

IIntruderPayloadGenerator: this interface class is used to define the plug-in's payload generator, provided we have something to define. So we use IIntruderPayloadGeneratorFactory to return a new instance of this interface.

There are three class methods "getNextPayload" in this interface class

, "hasMorePayloads", "reset"

GetNextPayload: used to get the next payload

HasMorePayloads: determines whether the generator can provide more payload

Reset: duplicates the generator state so that the first payload is returned the next time the getNextPayload method is called

Continue to complete and understand the code:

We can print out the current_payload and the transcoded payload to see:

I won't explain too much here. It's clear at a glance. I am using the DVWA-low-sql environment here for testing.

Post a complete and concise code:

Finally, a picture is attached to sort out the logic:

The above is how to use the Burp Suite plug-in in python. Have you learned any knowledge or skills? If you want to learn more skills or enrich your knowledge reserve, you are welcome to follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.