burpfakeIP

burpfakeIP

介绍

burpfakeIP是BurpSuite的一个插件

可以用于伪造ip

下载地址

安装

下载并解压到本地

打开BP 安装

image-20240503155652009

添加

image-20240503155723758

下一个

image-20240503155745843

安装成功

使用

伪造指定ip

右击抓到的数据包,选择fakeip,inputIP,输入想要用的ip地址,点击确定,自动添加

image-20240503155958255

image-20240503160008018

image-20240503160021997

伪造本地ip

右击数据包选择127.0.0.1(如上图),自动生成如下数据包

GET / HTTP/1.1
 
Host: 192.168.1.135:8002
 
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0
 
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
 
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
 
Accept-Encoding: gzip, deflate
 
Cookie: ASPSESSIONIDAACSRSQS=CJLFMKFBLOABHEPKPBEKLPOA; ASPSESSIONIDAACSRTRT=HOAFJLFBABBHLECCHJEGMIMO
 
DNT: 1
 
Connection: close
 
Upgrade-Insecure-Requests: 1
 
X-Forwarded-For:127.0.0.1
 
X-Forwarded:127.0.0.1
 
Forwarded-For:127.0.0.1
 
Forwarded:127.0.0.1
 
X-Forwarded-Host:127.0.0.1
 
X-remote-IP:127.0.0.1
 
X-remote-addr:127.0.0.1
 
True-Client-IP:127.0.0.1
 
X-Client-IP:127.0.0.1
 
Client-IP:127.0.0.1
 
X-Real-IP:127.0.0.1
 
Ali-CDN-Real-IP:127.0.0.1
 
Cdn-Src-Ip:127.0.0.1
 
Cdn-Real-Ip:127.0.0.1
 
CF-Connecting-IP:127.0.0.1
 
X-Cluster-Client-IP:127.0.0.1
 
WL-Proxy-Client-IP:127.0.0.1
 
Proxy-Client-IP:127.0.0.1
 
Fastly-Client-Ip:127.0.0.1
 
True-Client-Ip:127.0.0.1

伪造随机ip

右击数据包选择randomIP(如上图),生成如下数据包

GET / HTTP/1.1
 
Host: 192.168.1.135:8002
 
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0
 
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
 
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
 
Accept-Encoding: gzip, deflate
 
Cookie: ASPSESSIONIDAACSRSQS=CJLFMKFBLOABHEPKPBEKLPOA; ASPSESSIONIDAACSRTRT=HOAFJLFBABBHLECCHJEGMIMO
 
DNT: 1
 
Connection: close
 
Upgrade-Insecure-Requests: 1
 
X-Forwarded-For:37.120.247.234
 
X-Forwarded:37.120.247.234
 
Forwarded-For:37.120.247.234
 
Forwarded:37.120.247.234
 
X-Forwarded-Host:37.120.247.234
 
X-remote-IP:37.120.247.234
 
X-remote-addr:37.120.247.234
 
True-Client-IP:37.120.247.234
 
X-Client-IP:37.120.247.234
 
Client-IP:37.120.247.234
 
X-Real-IP:37.120.247.234
 
Ali-CDN-Real-IP:37.120.247.234
 
Cdn-Src-Ip:37.120.247.234
 
Cdn-Real-Ip:37.120.247.234
 
CF-Connecting-IP:37.120.247.234
 
X-Cluster-Client-IP:37.120.247.234
 
WL-Proxy-Client-IP:37.120.247.234
 
Proxy-Client-IP:37.120.247.234
 
Fastly-Client-Ip:37.120.247.234
 
True-Client-Ip:37.120.247.234

随机ip爆破

这是这个插件的核心功能

将数据包发送到Intruder模块,在Positions中切换Attack type为Pitchfork模式,选择好有效的伪造字段,以及需要爆破的字段

image-20240503160320597

将Payload来源设置为Extensin-generated,并设置负载伪fakeIpPayloads,然后设置第二个变量。

image-20240503160349569

点击Start attack开始爆破.

image-20240503160409258