Skip to content

Latest commit

 

History

History
31 lines (24 loc) · 1.56 KB

README.md

File metadata and controls

31 lines (24 loc) · 1.56 KB

BitTraversal - in development

Installation

Core Idea

A Mutator will run against every request seen from burpsuite e.g(proxy, repeater, scanner) generating a number of potential urls each appended with a payload to be passed to Executor and Detector classes to detect if one of the detection techniques was successful

This plugin uses two main techniques to identify directory traversal vulnerabilities

  • Detection Methods
    1. Static Detection
    2. Dynamic Detection

i) Using predefined payloads specified at payloads.list which will be fetched at runtime from GitHub and matched against regex.list

ii) Still in development. the aim to detect same response requests like /static/css/main.css/ and /static/../static/css/main.css with minimal false postives and also apply similar techniques like the ones found in CVE-2020-5902, CVE-2020-15506

Papers

https://i.blackhat.com/us-18/Wed-August-8/us-18-Orange-Tsai-Breaking-Parser-Logic-Take-Your-Path-Normalization-Off-And-Pop-0days-Out-2.pdf