PortSwigger / BChecks

BChecks collection for Burp Suite Professional and Burp Suite Enterprise Edition
https://portswigger.net/burp/documentation/scanner/bchecks
GNU Lesser General Public License v3.0

Multi-path discovery function #221

Open killpi opened 3 months ago

killpi commented 3 months ago

What is the problem you are trying to solve?

I hope to be able to scan different levels of routing

How are you currently being hindered by this problem?

For example, because of microservices or other reasons, some Spring Boot-related components may not exist in the root directory or at the last level of the route. Take http://example.com/code/api/gen: I want to check the env endpoint, hoping to check /code/api/gen/env, /code/api/env, /code/env and /env, but I have referred to the manual and some current templates, and it seems that this operation cannot be achieved.

How would you like this problem to be solved?

Hopefully a method can be provided to obtain routes at different levels

Any additional details?

no

Michelle-PortSwigger commented 3 months ago

Hi

You could use an insertion-point-level BCheck; this would allow you to insert details into the different path/folder levels. However, if used with the default scan audit configuration, this would also insert the payload into all other insertion point types, as the BCheck itself does not give that level of granularity.

If you used the insertion-point-level BCheck, you do have the option to customise the scan audit configuration 'Insertion Point Types' to control the locations into which Scanner will place payloads.

I hope this helps to explain things.
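As an illustration of the insertion-point-level approach described above (an added example, not code from the thread or from the BChecks repository), the following BCheck appends "/env" to whatever value sits at each insertion point and reports when the response looks like an exposed Spring Boot actuator environment endpoint. The "propertySources" indicator string and the name/author/tags metadata are assumptions chosen for this example.

```bcheck
metadata:
    language: v1-beta
    name: "Spring Boot actuator env exposed at a path level (example)"
    description: "Appends /env at each insertion point; pair with an audit configuration restricted to URL path folder and filename insertion points"
    author: "example author (assumed)"
    tags: "example", "spring-boot"

given insertion point then
    # "/env" is appended to the value at the insertion point, so with the
    # audit configuration limited to URL path folder and URL path filename
    # insertion points it is tried at every folder level and at the filename.
    send payload:
        appending: "/env"
    # "propertySources" is an assumed indicator of an actuator env response;
    # a 200 alone is not enough, since many apps answer 200 for unknown paths.
    if {latest.response.status_code} is "200" and "propertySources" in {latest.response.body} then
        report issue:
            severity: medium
            confidence: tentative
            detail: "The response to a path ending in /env resembles a Spring Boot actuator environment endpoint, which may disclose configuration and credentials."
            remediation: "Restrict access to actuator endpoints or disable the env endpoint in production."
    end if
```

Note that appending to a URL path folder inserts the payload at that folder's position (for /code/api/gen the folder "code" yields /code/env/api/gen), so this probes each level but does not truncate the rest of the path as the /code/env form in the request above would.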