-
-
Notifications
You must be signed in to change notification settings - Fork 4
1.8. encoded parameter injector
this feature is enable to inject pattern to encoded value such as base64 encoded value. you can decode parameter which has encoded value in messageView window and then embeding attack pattern to decoded value on scanning
1.decoding parameter 1)select request in sitemap or history tab. add to macrobuilder 2) In macrobuilder tab,select request and right-click to popup menu then select messageView 3) In messageView, select parameter value which you want to decode 4)right+click to popup menu then select decode 5) decode dialog is displayed. In decode dialog, select encoded type which you want to decode value. 6)click ok to close dialog, 7)In messageView, encoded parameter value is displayed within special pseudo tags
2.sendmessage with decoded parameter In messageView.right+click to popup menu and then select sendmsg
3.scanning with decoded parameter 1)In macrobuilder tab or messageView, right+click to popup menu and then select scan
2)In Scan dialg, click DecodedInjector tab. 3)insert injection vector position which is the same like CustomVector tab. 4)click start scan