This software was created by Natsasit Jirathammanuwat during a cooperative training course at King Mongkut’s University of Technology Thonburi (KMUTT).
- Set up the Jython standalone JAR in Extender > Options > Python Environment > “Select file…”.
- Add the ZIP File Raider extension in Extender > Extensions > Add > CompressedPayloads.py (Extension type: Python).
How to use
Send the HTTP request with a compressed file to ZIP File Raider
First, right-click the HTTP request that has a compressed file in its HTTP body, then select “Send request to ZIP File Raider extender Repeater” or Scanner.
The Repeater tab lets you edit the content of the compressed file and then resend it to the server immediately.
Descriptions for ZIP File Raider – Repeater tab:
- Files and folders pane – list of files and folders in the compressed file that was sent in the previous step (Send request to …); select a file to edit its content.
- Edit pane – edit the content of the selected file in text or hex mode (press “Save” after editing each file if you want to edit multiple files in a ZIP file).
- Request/Response pane – the HTTP request/response is shown in this pane after clicking the “Compress & Go” button.
The Scanner tab is used for setting the §insertion point§ in the content of the ZIP file before sending it to Burp Scanner.
Descriptions for ZIP File Raider – Scanner tab:
- Files and folders pane – list of files and folders in the compressed file that was sent in the previous step (Send request to …); select the file in which you want to set the §insertion points§.
- Set insertion point pane – set an insertion point in the content of the selected file by clicking the “Set insertion point” button. (The insertion point is enclosed in a pair of § symbols.)
- Config/Status pane – configure the scanner and show the scanner status (Not Running/Running).
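The edit-and-recompress step behind the Repeater tab and the §…§ marking used by the Scanner tab can be sketched as follows. This is an added example, not code from the extension: the function names, the sample archive and its contents are constructed for illustration.

```python
import io
import zipfile

MARK = u"\u00a7"  # the § symbol that encloses an insertion point

def build_sample():
    """Constructed ZIP standing in for the compressed file in an HTTP body."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("readme.txt", "unchanged")
        zf.writestr("doc.xml", u"<name>" + MARK + u"alice" + MARK + u"</name>")
    return buf.getvalue()

def list_members(zip_bytes):
    """Names of the files and folders in the archive, in stored order."""
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        return zf.namelist()

def read_member(zip_bytes, name):
    """Decompressed bytes of one member."""
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        return zf.read(name)

def fill_insertion_point(text, value):
    """Replace the first region enclosed in a pair of § with `value`."""
    start = text.index(MARK)           # ValueError if no marker is set
    end = text.index(MARK, start + 1)  # ValueError if the pair is not closed
    return text[:start] + value + text[end + 1:]

def repack(zip_bytes, edits):
    """Rebuild the archive; members named in `edits` get the new content.

    Untouched members are copied as-is. Sizes and CRCs are recomputed, so
    the body length changes and the request's Content-Length must follow.
    """
    out = io.BytesIO()
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as src, \
         zipfile.ZipFile(out, "w", zipfile.ZIP_DEFLATED) as dst:
        for info in src.infolist():
            data = edits.get(info.filename, src.read(info.filename))
            dst.writestr(info, data)  # str content is encoded as UTF-8
    return out.getvalue()

if __name__ == "__main__":
    original = build_sample()
    marked = read_member(original, "doc.xml").decode("utf-8")
    rebuilt = repack(original, {"doc.xml": fill_insertion_point(marked, u"bob")})
    print(list_members(rebuilt), read_member(rebuilt, "doc.xml"))
```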