• burp


    Pitchfork: This uses multiple payload sets. There is a different payload set for each defined position (up to a maximum of 8). The attack iterates through all payload sets simultaneously, and inserts one payload into each defined position. I.e., the first request will insert the first payload from payload set 1 into position 1 and the first payload from payload set 2 into position 2; the second request will insert the second payload from payload set 1 into position 1 and the second payload from payload set 2 into position 2, etc. This attack type is useful where an attack requires different but related input to be inserted in multiple places within the HTTP request (e.g. a username in one data field, and a known ID number corresponding to that username in another data field). The total number of requests generated by(决定) the attack is the number of payloads in the smallest payload set.

    使用多个载荷集。每个定义的位置有一个载荷集(最大8个字典)。攻击遍历所有载荷集的同时,插入一个载荷到每一个定义的位置。第一个请求插入第一个载荷从载荷集1到位置1,第一个载荷从载荷集2到到位置2,第二个请求插入第二个载荷从载荷集1到位置1,第二个载荷从载荷集2到到位置2。在需要有两个不同的但又有关系的输入。攻击的总次数由载荷少的字典决定。

  • 相关阅读:
    leetcode38.外观数列(循环匹配)
    leetcode35.搜索插入位置(遍历并进行大小判断)
    leetcode28.实现strStr()(暴力拆解,双指针,KMP算法)
    JavaScript对象
    数组迭代
    数组的用法:
    数组
    while与do while 区别 for循环的简介及break和continue的区别
    for循环语句
    if.......else语句子
  • 原文地址:https://www.cnblogs.com/Rrouned/p/3403032.html
Copyright © 2020-2023  润新知