{"id":13636745,"url":"https://github.com/righettod/virtualhost-payload-generator","last_synced_at":"2025-04-19T08:33:10.222Z","repository":{"id":97552396,"uuid":"103740521","full_name":"righettod/virtualhost-payload-generator","owner":"righettod","description":"BURP extension providing a set of values for the HTTP request \"Host\" header for the \"BURP Intruder\" in order to abuse virtual host resolution.","archived":true,"fork":false,"pushed_at":"2017-10-08T07:11:00.000Z","size":188,"stargazers_count":61,"open_issues_count":1,"forks_count":14,"subscribers_count":9,"default_branch":"master","last_synced_at":"2024-08-02T00:23:09.076Z","etag":null,"topics":["burp-extensions","pentesting","web"],"latest_commit_sha":null,"homepage":null,"language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/righettod.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-09-16T09:20:47.000Z","updated_at":"2023-10-09T06:42:46.000Z","dependencies_parsed_at":"2023-03-17T23:30:32.116Z","dependency_job_id":null,"html_url":"https://github.com/righettod/virtualhost-payload-generator","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/righettod%2Fvirtualhost-payload-generator","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/righettod%2Fvirtualhost-payload-generator/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/righettod%2Fvirtualhost-payload-generator/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/righettod%2Fvirtualhost-payload-generator/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/righettod","download_url":"https://codeload.github.com/righettod/virtualhost-payload-generator/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":223795250,"owners_count":17204136,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["burp-extensions","pentesting","web"],"created_at":"2024-08-02T00:01:04.756Z","updated_at":"2024-11-09T06:30:51.461Z","avatar_url":"https://github.com/righettod.png","language":"Java","funding_links":[],"categories":["Java","Payload Generators and Fuzzers","\u003ca id=\"aa76bde443edd8ef5b7af7e0fcab354e\"\u003e\u003c/a\u003e工具"],"sub_categories":["Template Injection","SSRF","\u003ca id=\"285c52a4e04dd2f86646c8e1235c9332\"\u003e\u003c/a\u003e工具"],"readme":"[![Build Status](https://travis-ci.org/righettod/virtualhost-payload-generator.svg?branch=master)](https://travis-ci.org/righettod/virtualhost-payload-generator)\n[![Coverity Status](https://scan.coverity.com/projects/13781/badge.svg)](https://scan.coverity.com/projects/righettod-virtualhost-payload-generator)\n\n# Virtual Host Payload Generator\n\nBurp extension providing a set of values for the HTTP request **Host** header for the *Burp Intruder* in order to abuse virtual host resolution.\n\nIt's based on the information provided by this article from the Burp team: [Cracking the Lens: Targeting HTTP's Hidden Attack-Surface](http://blog.portswigger.net/2017/07/cracking-lens-targeting-https-hidden.html)\n\nThe idea of the extension is to use the Burp Intruder in order to identify different responses when the Host header is abused, and then find a potential attack surface.\n\n# Usage\n\n**Step 1**: Send a request to the Intruder, then set a placeholder on the **Host** header and replace the relative URL on the first line with its absolute version:\n\n![Step1](tuto1.png)\n\n**Step 2**: Select the **Payload Sets** from an **Extension-generated** type and select the **Host headers** extension payload generator.\n\nDo not forget to uncheck the **Payload Encoding** option:\n\n![Step2](tuto2.png)\n\n![Step3](tuto3.png)\n\n**Step 3**: Launch the attack; you can ignore the warning `The Host header in the request does not match the specified target host` because it is expected in this execution context.\n\nYou will see the different response codes, content and sizes according to the **Host** header value used as payload:\n\n![Step4](tuto4.png)\n\n# Payloads\n\nPayloads are stored in the properties file named **virtualhost-payload-generator-config.properties**, specifically under the following key:\n\n```\n# List (separated by a comma) of the host names to use\n# Ports list will be generated from 1 -\u003e 65535\nhost.header.names=localhost,127.0.0.1,intranet,proxy,mail,exchange,ad,fw,reverse-proxy\n```\n\n# Build the extension\n\nThe extension is developed using IntelliJ IDEA Community Edition.\n\nUse the following Maven command: `mvn clean package`.\n\nThe extension will be available, as a jar file, in the **target** folder.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frighettod%2Fvirtualhost-payload-generator","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frighettod%2Fvirtualhost-payload-generator","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frighettod%2Fvirtualhost-payload-generator/lists"}