Turbo Intruder: Abusing HTTP Misfeatures to Accelerate Attacks by James Kettle

Рет қаралды 22,405

Күн бұрын

Recorded live on January 19, 2019 at LevelUp 0x03.
Learn more: www.bugcrowd.com/resources/ev...
Join Bugcrowd: bit.ly/invitesplz
Have a question related to this talk? Post it on our forum: forum.bugcrowd.com/t/levelup-...
Abstract:
"Automated web application attacks are terminally limited by the number of HTTP requests they can send. It's impossible to know how many hacks have gone off the rails because you didn't quite manage to bruteforce a password, missed a race condition, or failed to find a crucial folder.
In this session I'll introduce, demo and distribute Turbo Intruder - a research grade Burp extension built from scratch with speed in mind. Most tools struggle to reach 1,000 HTTPS requests per second (RPS), whereas Turbo Intruder uses a selection of custom HTTP stacks to exceed 30,000 RPS while minimising the chance of your router exploding. It's also designed to be fully extensible so you can easily launch multi-step attacks and filter responses.
As well as showing how to use the tool, I'll discuss the underlying HTTP abuse that enables it to go so fast, so you can attain similar speeds in any tools you happen to write. Finally, I'll cover some new research I'm currently pursuing on generating context-aware payloads and automatically identifying interesting responses."
Follow us on Twitter: / bugcrowd

Пікірлер: 29

@danieljordan1793 5 жыл бұрын

This guy is awesome, his content is always original and extremely helpful!

@waliedahmed5030 Жыл бұрын

Agree!

@sakettestsakettest8009 4 жыл бұрын

This guy is incredible ❤️

@saeedkamranfar684 4 жыл бұрын

GREATE, James kettel is the legend of web security

@mthulisi8840 3 жыл бұрын

Excellent stuff!

@killzann7757 3 жыл бұрын

This is incredible, thanks

@DeepakPrajapati-ny3bj 5 жыл бұрын

Thank you for this very informative and very helpful video.

@CU.SpaceCowboy 3 жыл бұрын

i saw a video of him getting a shell on a code sandbox website with like 2-3 broken up lines of php. hes legendary.

@SatouSei13 Жыл бұрын

Amazing tool. Thank you! 🙏🙏

@Ramazan05duldug 4 жыл бұрын

Thanks! )

@rnz2363 3 жыл бұрын

i did not have a clue about HTTP pipelining. good info here. thx

@freem4nn129 11 ай бұрын

nice !! thx for this

@zoomanimation420 4 жыл бұрын

Thanks

@TheHackTodayOfficial 5 жыл бұрын

cool!

@a.for.arun_ 2 жыл бұрын

@albinowax Legend!!!

@yoshi5113 Жыл бұрын

I love James Kettle ..

@skylinegeekhackerone8560 4 жыл бұрын

i get error, SyntaxError: ("mismatched input 'table' expecting INDENT", ('', 26.0, 'table.add(req) ')) when i user race.py to check race condition

@DragonStoneCreations 3 жыл бұрын

How to configure multiple injection points in the request? I tried using %s in 2 locations, payload is injected only first %s :(

@poxato 3 жыл бұрын

there's a premade script in the scripts section of the turbo intruder for multiple Parameters.

@slaxblake 4 жыл бұрын

How to use it for race condition @Bugcrowd

@jessicaito5212 Жыл бұрын

What am I doing wrong. I am only getting 100-141 RPS. Do I need to get anything other then Turbo Intruder? My settings are concurrentConnections=25 requestsPerConnection=100 Pipeline=True

@shayberkovich8104 4 жыл бұрын

Still don't understand why James hasn't incorporated this into Intruder functionality - that would add multiple insertion points, wordlists and other Intruder features for free. Instead, he decided to implement this as a separate extension.