@@ -9,7 +9,7 @@ updated: 2024-05-10T23:42:15+08:00
9
9
10
10
大体原理如图:
11
11
12
- ![ image-20240510172249881] ( /image-20240510172249881.png )
12
+ ![ image-20240510172249881] ( photo /image-20240510172249881.png)
13
13
14
14
图中的xiasql可以替换成任意的burp插件或者xray等可以被动扫描的工具
15
15
@@ -19,52 +19,52 @@ BurpA需要主要配置内容
19
19
20
20
1、下游代理BurpB的监听端口
21
21
22
- ![ image-20240510184031244] ( /image-20240510184031244.png )
22
+ ![ image-20240510184031244] ( photo /image-20240510184031244.png)
23
23
24
24
2、加解密接口需要互换
25
25
26
- ![ image-20240510184137081] ( /image-20240510184137081.png )
26
+ ![ image-20240510184137081] ( photo /image-20240510184137081.png)
27
27
28
28
3、明文密文关键字互换
29
29
30
- ![ image-20240510184204063] ( /image-20240510184204063.png )
30
+ ![ image-20240510184204063] ( photo /image-20240510184204063.png)
31
31
32
32
BurpB无需复杂的配置按照正常逻辑配置即可
33
33
34
34
## 案例
35
35
36
- ![ image-20240510184823699] ( /image-20240510184823699.png )
36
+ ![ image-20240510184823699] ( photo /image-20240510184823699.png)
37
37
38
38
发现数据为加密 写脚本 配置autodecoder插件
39
39
40
40
41
41
42
42
BurpA配置如下
43
43
44
- ![ image-20240510184941968] ( /image-20240510184941968.png )
44
+ ![ image-20240510184941968] ( photo /image-20240510184941968.png)
45
45
46
- ![ image-20240510184953514] ( /image-20240510184953514.png )
46
+ ![ image-20240510184953514] ( photo /image-20240510184953514.png)
47
47
48
48
BurpB autodecoder配置
49
49
50
- ![ image-20240510185112609] ( /image-20240510185112609.png ) ![ image-20240510185112631] ( /image-20240510185112631.png )
50
+ ![ image-20240510185112609] ( photo /image-20240510185112609.png) ![ image-20240510185112631] ( photo /image-20240510185112631.png)
51
51
52
- ![ image-20240510185408106] ( /image-20240510185408106.png )
52
+ ![ image-20240510185408106] ( photo /image-20240510185408106.png)
53
53
54
54
55
55
56
56
57
57
58
58
开启burpA的xiasql等被动扫描插件 然后在点击各个功能点进行被动测试
59
59
60
- ![ image-20240510185618653] ( /image-20240510185618653.png )
60
+ ![ image-20240510185618653] ( photo /image-20240510185618653.png)
61
61
62
- ![ image-20240510185836736] ( /image-20240510185836736.png )
62
+ ![ image-20240510185836736] ( photo /image-20240510185836736.png)
63
63
64
64
xiasql正常发送数据包
65
65
66
66
67
67
68
68
BurpB收到的数据包为明文 通过加密会发送到服务端
69
69
70
- ![ image-20240510190039659] ( /image-20240510190039659.png )
70
+ ![ image-20240510190039659] ( photo /image-20240510190039659.png)
0 commit comments