Closed nbxiglk0 closed 1 year ago
Michelle-PortSwigger
commented
1 year ago There isn't currently a way to loop through them. Can you tell us more about what you're trying to achieve? Are you wanting to loop through and check each one against a regex? What actions might you want to take once you've decoded them?
nbxiglk0
commented
1 year ago For example, I want to identify PHP serializable data in request parameters, and this type of data is generally transmitted in the form of base64 encoding. I need to get all the parameters of the request first, then base64 decode them in sequence, and then use regular expressions Make a match。
nbxiglk0
commented
1 year ago maybe i can loop insertion point to achieve it.
Michelle-PortSwigger
commented
1 year ago That sounds like a good idea. You can use insertion_point_base_value to do a regex match for base64 encoding and that should get you where you need to be.
Hi,It would be nice to have an ability to get the current requests parameters , for example i want to passively identify base64 encoded parameters used in the original request or identify the parameter value in the request that uses an encoded special string. You need to identify such parameters first and then decode them for further judgment.