dobin / burpsentinel Goto Github PK

Cannot use Sentinel with Burp v1.7.07

no entry in context menu after Plugin installation:

The Alert tab displays a possible reason:

Deprecated Extender API: registerMenuItem()

On installing i m getting the following error on my burp suite v2022.12.4

java.lang.Exception: Extension class is not a recognized type
	at burp.ao0.M(Unknown Source)
	at burp.ao0.l(Unknown Source)
	at burp.wf8.t(Unknown Source)
	at burp.cci.o(Unknown Source)
	at burp.can.lambda$panelLoaded$0(Unknown Source)
	at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:539)
	at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136)
	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635)
	at java.base/java.lang.Thread.run(Thread.java:833)

When scanning, hide all answers which are identical to the original response.

Or: Tag it

Optional: Make it optional

also bei SQLi fehlt definitiv eine payload 'or 1=1. ansonsten übersieht er jeden Auth-bypass. Aber das ist ja mit ner konfigurierbaren Payloadliste erledigt

Add or not?

ansonsten usability: wenn der test noch läuft und ich die erste Response ansehe, wird das response-fenster immer wieder neu aufgebaut bzw nach ganz oben gescrollt sobald eine weitere Response eintrifft

Fix window

achso, evtl sollte man noch bei Status Code 500 und Page Title "Server Error" irgendwas anzeigen, dass man dort manuell kontrollieren sollte

Wontfix.

das Fenster vom Categorizer lässt sich nicht mehr schließen :)

Usability: Should be possible to close the window with the standard windowmanager controls.

So Sentiel seems to just stop working in the attack sections. One or two URLs work fine and then it just stops and I need to reopen Burp again. It is a tiny bit annoying. Anyone else encountering this and is there a solution?

Attacks should not be selected per-parameter, but overall (also not per-request). Attacking a parameter should use the attacks specified in the overall configuration.

• Selection box with:
  • Sentinel payloads
  • Lists

The "HTML Errors" indicator sometimes appears, which means there are HTML differences.

But there is no output ("Error message") in the tooltip.

The indicator should only appear:

• If there are differences
• There is an error message

Make an menu option with right click on reponse:
"Hide requests with identical response"
("Hide requests with similar reponse")

On tableright, selected message does not match displayed:

• beautify:
  • should work correctly (also on xss)
  • should not de-beautify
  • should work on strange content, like: {"": ""}{}
• diff view:
  • colorize

From burp release:
There are new settings to enable session handling rules to be in scope for the Extender tool, and to update Burp's cookie jar based on traffic via Extender, allowing requests made by extensions to be fully integrated with Burp's session handling mechanisms.

Integrate with sentinel session handling.

URLDecode the attack param on tooltip, so we can know what was exactly sent.

Insert {} stuff

Implement #22 in burp history

Release new version into the burp app store

First request takes 10+ seconds, then its fast

There is no scrolling available for the resource list (top of Sentinel).
User is required to move other parts of the window around to list all interesting resources.

"æ" gets sent, which is ASCII e6.

Maybe also add some UTF8/16/LE/BE/... strings.

Write a tutorial with all features (e.g. persistent XSS).

Either with GIF's, or as video.

Color the attacks in panelright.

• XSS, SQL1, SQL2, Other, ... as light blue, yellow, etc.
• Make color configurable in the attack selector window (see #14)

Click on several attacks on panelright -> rightclick -> copy: should nicely copy attacks into clipboard

while scanning, top panel should not be rebuild every time a message is added, as it become unusable.

The selection of requests does not work reliable if scanning. (rightpanel)

https://github.com/stamparm/DSSS/blob/master/dsss.py

Hi,

I am running a test with Sentinel looking for sql injections. The website returns an .NET SQL Exception error which is clearly injectable. However Sentinel informs me only for the errors. Is it possible to customize how to detect SQL injections. For example looking for a specific keyword. If yes can it be configurable?

Thanks