Comments on: Re-login plugin for Burp Suite http://chirashi.zenconsult.net/2009/05/re-login-plugin-for-burp-suite/ A blog with scattered thoughts on security Thu, 29 Dec 2011 12:49:00 +0000 hourly 1 http://wordpress.org/?v=3.2.1 By: Kamalakar http://chirashi.zenconsult.net/2009/05/re-login-plugin-for-burp-suite/#comment-278 Kamalakar Thu, 29 Dec 2011 12:49:00 +0000 http://chirashi.zensay.com/?p=10#comment-278 Hi, Any sample impelmentation for other interfaces other than  "IBurpExtender "?My requirement is some thing like thisAbility to give url to the burp suite and it should do active scan and give report.I found that this can be done with burp extension Need some sample code for other InterfacesCan anybody help me?RegardsVK Hi,

Any sample impelmentation for other interfaces other than 
“IBurpExtender “?My requirement is some thing like thisAbility to give url to the burp suite and it should do active scan and give report.I found that this can be done with burp extension Need some sample code for other InterfacesCan anybody help me?RegardsVK

]]> By: Ch0pstick http://chirashi.zenconsult.net/2009/05/re-login-plugin-for-burp-suite/#comment-18 Ch0pstick Sat, 26 Jun 2010 18:46:16 +0000 http://chirashi.zensay.com/?p=10#comment-18 In theory, this should work for all requests. The plugin looks for a specific pattern in the response body, if found, then it knows that the session has been invalidated. Then, the plugin will attempt to re-login to the web app. In my case, the login process was tedious and time consuming. The plugin cut my testing time by a third; mainly because the F5 BigIP was set to 'anal' mode. In theory, this should work for all requests. The plugin looks for a specific pattern in the response body, if found, then it knows that the session has been invalidated. Then, the plugin will attempt to re-login to the web app. In my case, the login process was tedious and time consuming. The plugin cut my testing time by a third; mainly because the F5 BigIP was set to 'anal' mode.

]]> By: yarrrr http://chirashi.zenconsult.net/2009/05/re-login-plugin-for-burp-suite/#comment-17 yarrrr Sat, 26 Jun 2010 16:13:43 +0000 http://chirashi.zensay.com/?p=10#comment-17 I take it this doesn't rewrite queued requests in the scanner? as in, this is purely for manual poking? I take it this doesn't rewrite queued requests in the scanner? as in, this is purely for manual poking?

]]> By: Chirashi Security » I’m speaking at Hack In The Box 2009! http://chirashi.zenconsult.net/2009/05/re-login-plugin-for-burp-suite/#comment-16 Chirashi Security » I’m speaking at Hack In The Box 2009! Tue, 04 Aug 2009 10:01:07 +0000 http://chirashi.zensay.com/?p=10#comment-16 [...] Training track precedes the con and is another great way of picking up some m4d l33t sk1llz.  I wrote a post on Burp Suite that talked a little bit about the Web Application Hackers Handbook and one of its [...] [...] Training track precedes the con and is another great way of picking up some m4d l33t sk1llz.  I wrote a post on Burp Suite that talked a little bit about the Web Application Hackers Handbook and one of its [...]

]]> By: Chopstick http://chirashi.zenconsult.net/2009/05/re-login-plugin-for-burp-suite/#comment-15 Chopstick Wed, 13 May 2009 05:39:00 +0000 http://chirashi.zensay.com/?p=10#comment-15 Herro!<br /><br />Arigato gozaimasu! You're too kind. Herro!

Arigato gozaimasu! You’re too kind.

]]> By: Anonymous http://chirashi.zenconsult.net/2009/05/re-login-plugin-for-burp-suite/#comment-14 Anonymous Tue, 12 May 2009 16:17:00 +0000 http://chirashi.zensay.com/?p=10#comment-14 Hey!<br /><br />Nice stuff man. <br /><br />You should realeaze this under your own moniker for phun and proaphit. Hey!

Nice stuff man.

You should realeaze this under your own moniker for phun and proaphit.

]]>