Decoder, Comparer, Sequencer -work with encoded text -analyse randomness of captured tokens -be able to perform efficiently
Decoder -Allows us to manipulate data -decode information we capture during an attack -Decode/Encode
- plane: before performing transformation
- url: make data safe to transfer in url of a web request, exchanging characters for their ASCII character code in hexadecimal format using (%)
- HTML: replace special characters with an ampersand(&) followed by either a hexadecimal number or reference to the character being escaped, then a semicolon; -encode any character as its HTML escaped format or decode captured HTML entities
- Base64: used to encode any data in an ASCII-compatible format
- ASCII Hex: converts data between ASCII and hexadecimal representation 6,7,8: Hex, Octal, Binary: encoding methods apply only to numeric inputs covert from decimal 9: Gzip: compress data, decode and encoded
Hex format: be able to edit input byte-by-byte smart decode: attempts to automatically decode encoded text
Hashing: one-way process that is used to transform data into a unique signature -unique hash value -used to verify the integrity of files and documents, even a very small change will result in hashsum changing significantly
- user inputs password
- application hashes password and check it against stored hash
- application doesn’t need to store original planetext password
Hashing in Decoder - allows to generate hashsums for data directly within burpsuite
Comparer - compare two pieces of data, either by ASCII words or bytes
Sequencer - measure the entropy(randomness) of “tokens” - analyse the randomeness of a session cookie or a cross-site request forgery(CSRF) token protecting a form submission.
- Live capture: most common of the two methods - default sub-tab for sequencer. Live capture request to sequencer. Make multiple request to capture a lot of cookies. store generated token samples for analysis
- Manual load: allo to load a lsit of pre-generated token samples into sequencer for analysis