Skip to content

vergl4s/signatures

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
img
img
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
signatures.py
signatures.py
 
 

Repository files navigation

Signatures - Length extension attacks in Burp Suite

Burp Suite extension to perform hash length extension attacks on weak signature mechanisms.

Use cases

Examples

Signatures tabs.

Signatures tab

Extension-generated Intruder payloads will be available after messages and hashes are generated on the Signatures tab. Remember to disable URL-encoding for messages (as below).

Signatures payloads

Attack results.

Attack results

TODO

  • RIPEMD
  • Whirlpool
  • Tab for HMAC generation
  • Fix copy message button when padding has line breaks

About

Length extension attacks in Burp Suite

Resources

Readme

License

Apache-2.0 license
Activity

Stars

7 stars

Watchers

3 watching

Forks

6 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages