Thursday, June 9, 2011

Burp Intruder Time fields

This is an update from the last video blog: 

I had a update submission from Toxic after watching Web Application video #2. Although module 4 was to learn how to code custom situations... Toxic noted that there are time fields within burp intruder by adding the columns:

-Response Received
-Response Completed

You can get a number related to the seconds it took for the request to complete... For example the php code originally was set for a 2 second sleep function and so Jsmith had the following output:

Response Received: 2107

Now I upped the sleep function to 4 seconds and Jsmith has a new value of:

Response Received: 4001

I then upped the sleep function to 8 seconds and Jsmith has the new value of:
Response Received: 8002

Indicating that field actually does keep track of the time between request and response... Just another option for anyone playing with time based stuff in burp.....

GOOD CATCH TOXIC!!!!!!

1 comment:

  1. No worries mate, thanks for your great vids and take care

    Cheers,

    T0X1C

    ReplyDelete

Note: Only a member of this blog may post a comment.

Real World Social Engineering Part 2: Integrating SE With Stealth Badge Readers Tips and Tricks

 Below is a video on using stealth readers with social engineering to gain access to physical targets on your penetration tests..   This is ...