Git Product home page Git Product logo

burp_aes_plugin's Introduction

Burpsuite Plugin For AES Crack

0x00 mvn install to get jar

git clone https://github.com/jas502n/Burp_AES_Plugin/

cd ~/github/Burp_AES_Plugin/AESDecode

vi src/main/java/burp/BurpExtender.java

mvn install

[INFO] --- maven-install-plugin:2.4:install (default-install) @ AESCrack ---
[INFO] Installing /root/github/Burp_AES_Plugin/AESDecode/target/AESCrack-1.0-SNAPSHOT.jar to /root/.m2/repository/com/jas502n/AESCrack/1.0-SNAPSHOT/AESCrack-1.0-SNAPSHOT.jar
[INFO] Installing /root/github/Burp_AES_Plugin/AESDecode/pom.xml to /root/.m2/repository/com/jas502n/AESCrack/1.0-SNAPSHOT/AESCrack-1.0-SNAPSHOT.pom
[INFO] Installing /root/github/Burp_AES_Plugin/AESDecode/target/AESCrack-1.0-SNAPSHOT-jar-with-dependencies.jar to /root/.m2/repository/com/jas502n/AESCrack/1.0-SNAPSHOT/AESCrack-1.0-SNAPSHOT-jar-with-dependencies.jar
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time:  3.627 s
[INFO] Finished at: 2020-06-18T00:17:09+08:00
[INFO] ------------------------------------------------------------------------

0x01 最近遇到挺多网站前端用的 aes 加密登录,就想弄一个 Burpsuite AES 加密爆破插件

0x02 查阅资料,造轮子

如何编写自己的Burp Suite插件 https://t0data.gitbooks.io/burpsuite/content/chapter16.html

开发BurpSuite扩展爆破某平台 https://gorgias.me/2017/03/29/%E5%BC%80%E5%8F%91BurpSuite%E6%89%A9%E5%B1%95%E7%88%86%E7%A0%B4%E6%9F%90%E5%B9%B3%E5%8F%B0/

Burpsuite API Javadoc https://portswigger.net/burp/extender/api/

CoolCat 写的 AesDecode插件,支持菜单页面加密与解密,爆破 https://github.com/TheKingOfDuck/ https://blog.gzsec.org/archives/

c0ny1 的jsEncrypter https://github.com/c0ny1/jsEncrypter

0x03 idea 新建 mvn 项目,pom.xml 中添加依赖

    <dependencies>
        <!-- https://mvnrepository.com/artifact/net.portswigger.burp.extender/burp-extender-api -->
        <dependency>
            <groupId>net.portswigger.burp.extender</groupId>
            <artifactId>burp-extender-api</artifactId>
            <version>1.7.22</version>
        </dependency>
    </dependencies>

    <build>
        <plugins>
            <plugin>
                <groupId>org.apache.maven.plugins</groupId>
                <artifactId>maven-assembly-plugin</artifactId>
                <executions>
                    <execution>
                        <phase>package</phase>
                        <goals>
                            <goal>single</goal>
                        </goals>
                    </execution>
                </executions>
                <configuration>
                    <descriptorRefs>
                        <descriptorRef>jar-with-dependencies</descriptorRef>
                    </descriptorRefs>
                </configuration>
            </plugin>
        </plugins>
    </build>

0x04 新建包名 burp, java 类 BurpExtender,实现 AES 加密方法

IBurpExtender 官方必须要implements

IIntruderPayloadProcessor 由于我们要用到Intruder的爆破功能即可,所以需要implements

public class BurpExtender implements IBurpExtender, IIntruderPayloadProcessor {
    private static IExtensionHelpers helpers;
    public final static String extensionName = "AESCrack"; // 插件名称
    public final static String version = "1.0";
    public final static String AES_IV = "1234567812345678"; // 设置 AES IV 值
    public final static String AES_KEY = "key12345key67890"; // 设置 AES KEY 值
encryptAES (设置 AES iv 值)
    public static String encryptAES(String paramString1, String paramString2)
            throws InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException, UnsupportedEncodingException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException {
        SecretKeySpec key = new SecretKeySpec(paramString2.getBytes(), "AES");
        IvParameterSpec iv = new IvParameterSpec("your-iv-value".getBytes()); //set iv
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        cipher.init(1, key, iv);
        return helpers.base64Encode(cipher.doFinal(paramString1.getBytes()));
    }

processPayload 方法 (设置 AES KEY)

    public byte[] processPayload(byte[] currentPayload, byte[] originalPayload, byte[] baseValue) {
        String dataParameter = helpers.bytesToString(currentPayload);
        String AesEncodeStr = null;
        try {
            AesEncodeStr = encryptAES(dataParameter, "your-aes-key"); //set aes key
        } catch (InvalidKeyException e) {
            e.printStackTrace();
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
        } catch (NoSuchPaddingException e) {
            e.printStackTrace();
        } catch (UnsupportedEncodingException e) {
            e.printStackTrace();
        } catch (InvalidAlgorithmParameterException e) {
            e.printStackTrace();
        } catch (IllegalBlockSizeException e) {
            e.printStackTrace();
        } catch (BadPaddingException e) {
            e.printStackTrace();
        }
        return helpers.stringToBytes(AesEncodeStr);
    }

0x05 idea mvn 编译

Intellij-idea 如何编译maven工程 https://blog.csdn.net/u013044029/article/details/71681891

编译运行成功,在 target 目录,得到 aes.jar 文件

一个没有依赖(文件小) AESCrack-1.0-SNAPSHOT.jar 一个有依赖(文件大) AESCrack-1.0-SNAPSHOT-jar-with-dependencies.jar

Burpsuite 加载插件时,使用没有依赖的就行了 AESCrack-1.0-SNAPSHOT.jar

0x06 AES 爆破效果

burp_aes_plugin's People

Contributors

jas502n avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar

Forkers

crackercat jonathanzhou348 lczgywzyy hollow667 5l1v3r1 sevck rdpmind

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.