Skip to content

Commit 3439b56

Browse files
f0ngf0ng
authored
Update 加密数据包无法使用被动扫描器来进行扫描的解决方案.md
1 parent c9f7016 commit 3439b56

File tree

1 file changed

+12
-12
lines changed

1 file changed

+12
-12
lines changed

autoDecoder的奇淫技巧/加密数据包无法使用被动扫描器来进行扫描的解决方案/加密数据包无法使用被动扫描器来进行扫描的解决方案.md

+12-12
Original file line numberDiff line numberDiff line change
@@ -9,7 +9,7 @@ updated: 2024-05-10T23:42:15+08:00
99

1010
大体原理如图:
1111

12-
![image-20240510172249881](/image-20240510172249881.png)
12+
![image-20240510172249881](photo/image-20240510172249881.png)
1313

1414
图中的xiasql可以替换成任意的burp插件或者xray等可以被动扫描的工具
1515

@@ -19,52 +19,52 @@ BurpA需要主要配置内容
1919

2020
​ 1、下游代理BurpB的监听端口
2121

22-
![image-20240510184031244](/image-20240510184031244.png)
22+
![image-20240510184031244](photo/image-20240510184031244.png)
2323

2424
​ 2、加解密接口需要互换
2525

26-
![image-20240510184137081](/image-20240510184137081.png)
26+
![image-20240510184137081](photo/image-20240510184137081.png)
2727

2828
​ 3、明文密文关键字互换
2929

30-
![image-20240510184204063](/image-20240510184204063.png)
30+
![image-20240510184204063](photo/image-20240510184204063.png)
3131

3232
BurpB无需复杂的配置按照正常逻辑配置即可
3333

3434
## 案例
3535

36-
![image-20240510184823699](/image-20240510184823699.png)
36+
![image-20240510184823699](photo/image-20240510184823699.png)
3737

3838
发现数据为加密 写脚本 配置autodecoder插件
3939

4040

4141

4242
BurpA配置如下
4343

44-
![image-20240510184941968](/image-20240510184941968.png)
44+
![image-20240510184941968](photo/image-20240510184941968.png)
4545

46-
![image-20240510184953514](/image-20240510184953514.png)
46+
![image-20240510184953514](photo/image-20240510184953514.png)
4747

4848
BurpB autodecoder配置
4949

50-
![image-20240510185112609](/image-20240510185112609.png)![image-20240510185112631](/image-20240510185112631.png)
50+
![image-20240510185112609](photo/image-20240510185112609.png)![image-20240510185112631](photo/image-20240510185112631.png)
5151

52-
![image-20240510185408106](/image-20240510185408106.png)
52+
![image-20240510185408106](photo/image-20240510185408106.png)
5353

5454

5555

5656

5757

5858
开启burpA的xiasql等被动扫描插件 然后在点击各个功能点进行被动测试
5959

60-
![image-20240510185618653](/image-20240510185618653.png)
60+
![image-20240510185618653](photo/image-20240510185618653.png)
6161

62-
![image-20240510185836736](/image-20240510185836736.png)
62+
![image-20240510185836736](photo/image-20240510185836736.png)
6363

6464
xiasql正常发送数据包
6565

6666

6767

6868
BurpB收到的数据包为明文 通过加密会发送到服务端
6969

70-
![image-20240510190039659](/image-20240510190039659.png)
70+
![image-20240510190039659](photo/image-20240510190039659.png)

0 commit comments

Comments
 (0)