Commit

[WeChat official account articles] bugs [Tool articles] tools [WeChat official account articles] bypass [WeChat official account articles] HACK学习呀
SexyBeast233 committed Feb 15, 2022
1 parent 5cf21be commit 9b758d3
Showing 10,810 changed files with 531,191 additions and 0 deletions.
The diff you're trying to view is too large. We only load the first 3000 changed files.

Large diffs are not rendered by default.


@@ -0,0 +1,60 @@
<html>
<head>
<title>BurpSuite系列(九)----Comparer模块(比较器)</title>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width,initial-scale=1.0,maximum-scale=1.0,user-scalable=0,viewport-fit=cover">
<style>
*{margin:0;padding:0;max-width:100%;box-sizing:border-box;}html{-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%;line-height:1.6}img{z-index:999;position:relative;max-width:100%;margin:10px 0;}body{-webkit-touch-callout:none;font family:-apple-system-font,BlinkMacSystemFont,"Helvetica Neue","PingFang SC","Hiragino Sans GB","Microsoft YaHei UI","Microsoft YaHei",Arial,sans-serif;color:#333;letter-spacing:.034em}h1,h2,h3,h4,h5,h6{font-weight:400;font-size:16px;line-height:36px;}a{color:#576b95;text-decoration:none;-webkit-tap-highlight-color:rgba(0,0,0,0)}td,th{word-wrap:break-word;padding:5px 10px;border:1px solid #DDD;}table{margin-bottom:10px;border-collapse:collapse;display:table;width:100%!important;}.appmsg_skin_default .rich_media_area_primary{background-color:#fff}.appmsg_skin_default .rich_media_area_primary .weui-loadmore_line .weui-loadmore__tips{background-color:#fff}.rich_media_area_primary{padding:20px 16px 12px;background-color:#fafafa}@media (max-width:375px){.rich_media_area_primary{padding:20px 60px 15px 60px}.rich_media_area_extra{padding:0 60px 21px 60px}}@media (min-width:1024px){.rich_media_area_primary_inner,.rich_media_area_extra_inner,body{max-width:677px;margin-left:auto;margin-right:auto}.rich_media_area_primary{padding-top:32px}}.rich_media{padding:20px;}.appmsg_skin_default .rich_media_area_primary{background-color:#fff}.appmsg_skin_default .rich_media_area_primary .weui-loadmore_line .weui-loadmore__tips{background-color:#fff}@media screen and (min-width:1024px){.rich_media_area_primary_inner,.rich_media_area_extra_inner{max-width:677px;margin-left:auto;margin-right:auto}.rich_media_area_primary{padding-top:32px}}.rich_media_content{overflow:hidden;color:#333;font-size:17px;line-height:37px;;word-wrap:break-word;-webkit-hyphens:auto;-ms-hyphens:auto;hyphens:auto;text-align:justify;position:relative;z-index:0}.rich_media_content 
*{max-width:100%!important;box-sizing:border-box!important;-webkit-box-sizing:border-box!important;word-wrap:break-word!important}.rich_media_content p{clear:both;min-height:1em}.rich_media_content em{font-style:italic}.rich_media_content fieldset{min-width:0}.rich_media_content .list-paddingleft-1,.rich_media_content .list-paddingleft-2,.rich_media_content .list-paddingleft-3{padding-left:2.2em}.rich_media_content .list-paddingleft-1 .list-paddingleft-2,.rich_media_content .list-paddingleft-2 .list-paddingleft-2,.rich_media_content .list-paddingleft-3 .list-paddingleft-2{padding-left:30px}.rich_media_content .list-paddingleft-1{padding-left:1.2em}.rich_media_content .list-paddingleft-3{padding-left:3.2em}.rich_media_content .code-snippet,.rich_media_content .code-snippet__fix{max-width:1000%!important}.rich_media_content .code-snippet *,.rich_media_content .code-snippet__fix *{max-width:1000%!important}.rich_media_title{font-size:22px;line-height:42px;;line-height:1.4;margin:10px 0;padding-bottom:10px;border-bottom:1px solid #e7e7eb;}@supports(-webkit-overflow-scrolling:touch){.rich_media_title{font-weight:700}}.rich_media_meta{display:inline-block;vertical-align:middle;margin:0 10px 10px 0;font-size:15px;line-height:35px;;line-height:35px;;line-height:35px;;line-height:35px;;-webkit-tap-highlight-color:rgba(0,0,0,0)}.rich_media_meta.icon_appmsg_tag{margin-right:4px}.rich_media_meta.meta_tag_text{margin-right:0}.rich_media_meta_list em{font-style:normal}.rich_media_meta_text{color:rgba(0,0,0,0.3)}p{margin:0;}.msgBox{margin-top:20px;padding-top:20px;padding-left:50px;overflow:hidden;border-top:2px dashed #09a2ff;}.msg{padding-top:7px;clear:both;}.msgBody{float:right;width:100%;margin-left:55px;padding-bottom:15px;border-bottom:1px dashed #e0e0e0;}.userHeadImg{float:left;margin-left:-50px;}.userHeadImg 
img{width:40px;height:40px;margin-right:10px;border-radius:3px;}.userName{color:#888888;line-height:24px;font-size:14px;line-height:34px;;line-height:34px;;line-height:34px;;line-height:34px;;line-height:34px;;line-height:34px;;line-height:34px;;line-height:34px;;line-height:34px;;line-height:34px;;line-height:34px;;margin:5px 0 5px 0;height:24px;}.replyBody,.autherBody{color:#565656;font-size:15px;}.replyIcon{border-left:4px solid #33ab01;margin-right:5px;}.ad{text-decoration:none;color:#d6d4d4;font-size:12px;line-height:32px;;}.msgBodyReply{padding-top:5px;}.userName span{float:right;color:#afafaf;font-size:14px;}code{text-align:left;font-size:14px;display:block;white-space:pre;display:-webkit-box;display:-webkit-flex;display:flex;position:relative;}.code-snippet__fix{font-size:14px;margin:10px 0;display:block;color:#333;position:relative;background-color:rgba(0,0,0,0.03);border:1px solid #f0f0f0;border-radius:2px;display:-webkit-box;display:-webkit-flex;display:flex;padding-left:25px;line-height:26px}.code-snippet__fix code{text-align:left;font-size:14px;display:block;white-space:pre;display:-webkit-box;display:-webkit-flex;display:flex;position:relative;font family:Consolas,"Liberation Mono",Menlo,Courier,monospace}.code-snippet__comment,.code-snippet__quote{color:#afafaf;font-style:italic}.code-snippet__keyword,.code-snippet__selector-tag,.code-snippet__subst{color:#ca7d37}.code-snippet__number,.code-snippet__literal,.code-snippet__variable,.code-snippet__template-variable,.code-snippet__tag .code-snippet__attr{color:#0e9ce5}.code-snippet__string,.code-snippet__doctag{color:#d14}.code-snippet__title,.code-snippet__section,.code-snippet__selector-id{color:#d14}.code-snippet__subst{font-weight:normal}.code-snippet__type,.code-snippet__class 
.code-snippet__title{color:#0e9ce5}.code-snippet__tag,.code-snippet__name,.code-snippet__attribute{color:#0e9ce5;font-weight:normal}.code-snippet__regexp,.code-snippet__link{color:#ca7d37}.code-snippet__symbol,.code-snippet__bullet{color:#d14}.code-snippet__built_in,.code-snippet__builtin-name{color:#ca7d37}.code-snippet__meta{color:#afafaf}.code-snippet__deletion{background:#fdd}.code-snippet__addition{background:#dfd}.code-snippet__emphasis{font-style:italic}.code-snippet__strong{font-weight:bold}.account_avatar{width:40px;height:40px;padding:0;}.account_info{display:-webkit-box;display:-webkit-flex;display:flex;-webkit-box-align:center;-webkit-align-items:center;padding:20px 0;align-items:center}.flex_bd{padding-left:14px;}.account_nickname{display:inline-block;vertical-align:middle;line-height:1.2;color:#576b95;font-size:14px}.account_desc{overflow:hidden;text-overflow:ellipsis;display:-webkit-box;-webkit-box-orient:vertical;-webkit-line-clamp:1;color:rgba(0,0,0,0.3);font-size:14px;line-height:1.2;padding-top:.4em}.msg_source_url{text-align:left;word-break:break-all;margin-top:20px;}.msg_source_url a{padding-right:10px;}.msg_source_url .url_text{color:#a8a8a8;}.video-desc{font-size:14px;margin-top:15px;color:#6c6c6c;}.msg_source_url{text-align:left;}.original_primary_card_tips{color:rgba(0,0,0,0.3);line-height:1.4;font-size:15px;}.weui-flex__item{margin-bottom:20px;padding:20px 16px;margin-top:16px;line-height:1.4;align-items:center;background-color:#f7f7f7;border-radius:8px;position:relative;}.original_primary_desc{color:rgba(0,0,0,0.5);font-size:14px;padding-top:4px;width:auto;overflow:hidden;text-overflow:ellipsis;}.msgBodyReplyList{border-top:1px solid #e1e1e1;margin-top:10px;}.msgBodyReplyListTop{border-top:0;}.reply_like_num{float:right;font-size:14px;color:#c7c7c7;}.msgData{margin-top:20px;color:#626262;}.msgData span{font-size:14px;padding-right:15px;}.msgData .likes{float:right;padding-right:0;}.js_text_content 
p{font-size:18px;line-height:38px;;}.rich_media_meta_link{font-size:15px;}blockquote {padding-left: 10px;border-left: 3px solid #dbdbdb;color: rgba(0,0,0,0.5);font-size:15px;line-height:35px;;padding-top: 4px;margin: 1em 0;}.video_iframe{width:500px;height:400px;}.blockquote_info{color:#b5b5b5;margin-top:10px;}.playVideoWx{position:relative;display:block;}.icon_mid_play{position:absolute;z-index:9999;top:50%;left:50%;display:-webkit-box;display:-webkit-flex;display:flex;-webkit-box-align:center;-webkit-align-items:center;align-items:center;-webkit-box-pack:center;-webkit-justify-content:center;justify-content:center;width:48px;height:48px;background:rgba(237,237,237,0.9);border-radius:50%}.icon_mid_play:before{content:"";text-indent:-999em;display:inline-block;width:28px;height:28px;vertical-align:middle;background-size:cover;background-image:url("data:image/svg+xml;charset=utf8,%3Csvg xmlns='http://www.w3.org/2000/svg' width='24' height='24' viewBox='0 0 24 24'%3E %3Cpath fill='%23151515' fill-rule='evenodd' d='M9.524 4.938l10.092 6.21a1 1 0 0 1 0 1.704l-10.092 6.21A1 1 0 0 1 8 18.21V5.79a1 1 0 0 1 1.524-.852z'/%3E%3C/svg%3E")}
</style>
<link href="https://www.juyifx.cn/config/css/wxArticle.css" rel="stylesheet"/>
</head>
<body>
<div class="rich_media">

<h1 class="rich_media_title" id="activity-name">



BurpSuite系列(九)----Comparer模块(比较器)
</h1>
<div id="meta_content" class="rich_media_meta_list">

<span class="rich_media_meta rich_media_meta_nickname" id="profileBt">
<a href="javascript:void(0);" class=" weui-wa-hotarea" id="js_name">
HACK学习呀 </a>
<div id="js_profile_qrcode" class="profile_container" style="display:none;">
<div class="profile_inner">
<strong class="profile_nickname">HACK学习呀</strong>


<p class="profile_meta">
<label class="profile_meta_label">微信号</label>
<span class="profile_meta_value">Hacker1961X</span>
</p>

<p class="profile_meta">
<label class="profile_meta_label">功能介绍</label>
<span class="profile_meta_value">HACK学习,专注于互联网安全与黑客精神;渗透测试,社会工程学,Python黑客编程,资源分享,Web渗透培训,电脑技巧,渗透技巧等,为广大网络安全爱好者一个交流分享学习的平台!</span>
</p>

</div>
<span class="profile_arrow_wrp" id="js_profile_arrow_wrp">
<i class="profile_arrow arrow_out"></i>
<i class="profile_arrow arrow_in"></i>
</span>
</div>
</span>
<em id="publish_time" class="rich_media_meta rich_media_meta_text">2018-05-14</em>
</div>


<div id="js_tags" class="article-tag__list" style="display: none;" data-len="0">

<div class="article-tag-card__title">收录于话题</div>
<div class="article-tags">
</div>
</div><div id="weixin_content"><p><img class="" data-copyright="0" data-ratio="0.3188202247191011" data-s="300,640" src="图片/HACK学习呀_2018-05-14_BurpSuite系列(九)----Comparer模块(比较器)/1_aPbK6xQJIHiaUOB16u0KcQnicDG9pg.png" onerror="this.src='https://mmbiz.qpic.cn/mmbiz_png/Uq8Qfeuvou85etJYTkncLGY4Biavb6ibNacP7iaHc5fOEUUHZIlTV3uyqOmgKiaPbK6xQJIHiaUOB16u0KcQnicDG9pg/640?wx_fmt=png'" data-type="png" data-w="712" style=""></p><p><span style="font-size:15px;line-height:35px;;color: rgb(136, 136, 136);">一、简介</span></p><p><br /></p><p><span style="font-size:15px;line-height:35px;;color: rgb(136, 136, 136);">Burp Comparer在Burp Suite中主要提供一个可视化的差异比对功能,来对比分析两次数据之间的区别。使用中的场景可能是:&nbsp;<br />1.枚举用户名过程中,对比分析登陆成功和失败时,服务器端反馈结果的区别。&nbsp;<br />2.使用 Intruder 进行攻击时,对于不同的服务器端响应,可以很快的分析出两次响应的区别在哪里。&nbsp;<br />3.进行SQL注入的盲注测试时,比较两次响应消息的差异,判断响应结果与注入条件的关联关系。<br /></span></p><p><br /></p><p><span style="font-size:15px;line-height:35px;;color: rgb(136, 136, 136);">二、模块说明</span></p><p><img class="" data-ratio="0.5698466780238501" src="图片/HACK学习呀_2018-05-14_BurpSuite系列(九)----Comparer模块(比较器)/2_v8DqezVAwsQh5oL9kVH7K73XvHNqKA.png" onerror="this.src='https://mmbiz.qpic.cn/mmbiz_png/Uq8Qfeuvouibc2W9hnibgaoib7k7TD2nkj7iaBCddo3aFBFsPY3Uc8VR7tzUv8DqezVAwsQh5oL9kVH7K73XvHNqKA/640?wx_fmt=png'" data-type="png" data-w="1174"><br /></p><p><span style="font-size:15px;line-height:35px;;color: rgb(136, 136, 136);">对于Comparer的使用,主要有两个环节组成,先是数据加载,然后是差异分析。 Comparer数据加载的方式常用的有:</span></p><p><br /></p><p><span style="font-size:15px;line-height:35px;;color: rgb(136, 136, 136);">1.从其他Burp工具通过上下文菜单转发过来。</span></p><p><span style="font-size:15px;line-height:35px;;color: rgb(136, 136, 136);">2.直接粘贴。</span></p><p><span style="font-size:15px;line-height:35px;;color: rgb(136, 136, 136);">3.从文件加载三种方式。</span></p><p><br /></p><p><span style="font-size:15px;line-height:35px;;color: rgb(136, 136, 136);">当加载完毕后,如果你选择了两次不同的请求或应答消息,则下发的比较按钮将被激活,可以选择文本比较或者字节比较。<br /></span></p><p><br /></p><p><img class="" data-ratio="0.5689948892674617" 
src="图片/HACK学习呀_2018-05-14_BurpSuite系列(九)----Comparer模块(比较器)/3_5ico9h3B4PIvRGwib0jJt2dYmCDAGQ.png" onerror="this.src='https://mmbiz.qpic.cn/mmbiz_png/Uq8Qfeuvouibc2W9hnibgaoib7k7TD2nkj7ZXh8jcCn4Jqj3qC1RN6kKMcqPib5ico9h3B4PIvRGwib0jJt2dYmCDAGQ/640?wx_fmt=png'" data-type="png" data-w="1174"><br /></p><p><span style="font-size:15px;line-height:35px;;color: rgb(136, 136, 136);">如果点击了【words】或者【bytes】,则进入比对界面,页面自动通过背景颜色显示数据的差异。</span></p><p><img class="" data-copyright="0" data-ratio="0.3281027104136947" data-s="300,640" src="图片/HACK学习呀_2018-05-14_BurpSuite系列(九)----Comparer模块(比较器)/4_9kZ6Bzp6HKPIkCGYkfBsPynR63cBgg.png" onerror="this.src='https://mmbiz.qpic.cn/mmbiz_png/Uq8Qfeuvou85etJYTkncLGY4Biavb6ibNajxPOSFB9UFWD40tY4uCrHqy59kZ6Bzp6HKPIkCGYkfBsPynR63cBgg/640?wx_fmt=png'" data-type="png" data-w="701" style=""></p><p><br /></p>
</div>
</div>
</body>
</html>
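Review bot: The `<link href="https://www.juyifx.cn/config/css/wxArticle.css" rel="stylesheet"/>` line in `<head>` makes this archived article fetch a stylesheet from a third-party host every time the file is opened, so whoever serves that URL controls how the page renders and learns of each view; the inline `<style>` block directly above already styles the `.rich_media*` classes, so drop the link or vendor the file next to the page. The same concern applies to the `onerror="this.src='https://mmbiz.qpic.cn/mmbiz_png/…'"` handlers on the four `<img>` tags in `#weixin_content`, which silently go to the network whenever the local copy under `图片/` is missing; commit the images with the page and remove the inline handlers so the archive is self-contained. As a smaller style point, the inline CSS writes `font family:` (no hyphen) in the `body` and `.code-snippet__fix code` rules, so those font declarations are ignored, and the file has no `<!DOCTYPE html>` before `<html>`.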
0 comments on commit 9b758d3
