At the moment, I need to clone the same sequence multiple times to support multi threading. This is how I did it for example in a project when I needed multi-threading in Intruder:
I created transaction-sign0 to transaction-sign3 sequences using export and import function for cloning
The Hackvertor extension then used in Intruder to call each sequence separately (Intruder payload was set to sequential numbers): x-stepper-execute-before: transaction-sign<@set_variable1('false')><@arithmetic(4,'%',',')>§0§<@/arithmetic><@/set_variable1>
The above header would call four Stepper sequence from number 0 to 3 after the ‘transaction-sign’ string.
The request body in Intruder was also updated to get its parameters from the relevant sequence. The following string shows how the ‘id’ parameter was set as an example: {"signatures":[{"id":$VAR:transaction-sign<@get_variable1/>:sigid$,"deviceType":"FOOBAR",...
The <@get_variable1/> tag is set by the Hackvertor extension as it has already been set in the header of the same HTTP request using the <@set_variable1 tag.
If I use a sequence in Intruder, it limits me to 1 thread as stepper has a visualize way of showing the results. I am not sure how this can be done without a major architectural change though. Perhaps when a trigger signal comes from scanners, extensions, and intruder, instead of showing the result in the stepper panel to cause a dead lock, do everything asynchronously without updating the UI as if they were separate sequences (remember that variables need to point to the result of these sequences so perhaps a cheat can be by updating the $VAR:sequenceName:sigid$ to $VAR:sequenceName[randomNonceHere]:sigid$ when processing the incoming request as well the sequences themselves).
If a sequence also relies on another sequence by calling x-stepper-execute-before it may again cause a deadlock or even denial of service so it needs to be investigated.
At the moment, I need to clone the same sequence multiple times to support multi threading. This is how I did it for example in a project when I needed multi-threading in Intruder:
transaction-sign0totransaction-sign3sequences using export and import function for cloningx-stepper-execute-before: transaction-sign<@set_variable1('false')><@arithmetic(4,'%',',')>§0§<@/arithmetic><@/set_variable1>The above header would call four Stepper sequence from number 0 to 3 after the ‘transaction-sign’ string.{"signatures":[{"id":$VAR:transaction-sign<@get_variable1/>:sigid$,"deviceType":"FOOBAR",...The<@get_variable1/>tag is set by the Hackvertor extension as it has already been set in the header of the same HTTP request using the<@set_variable1tag.If I use a sequence in Intruder, it limits me to 1 thread as stepper has a visualize way of showing the results. I am not sure how this can be done without a major architectural change though. Perhaps when a trigger signal comes from scanners, extensions, and intruder, instead of showing the result in the stepper panel to cause a dead lock, do everything asynchronously without updating the UI as if they were separate sequences (remember that variables need to point to the result of these sequences so perhaps a cheat can be by updating the
$VAR:sequenceName:sigid$to$VAR:sequenceName[randomNonceHere]:sigid$when processing the incoming request as well the sequences themselves).If a sequence also relies on another sequence by calling
x-stepper-execute-beforeit may again cause a deadlock or even denial of service so it needs to be investigated.