Logger++ 필터규칙

BurpSuite

Logger++ 필터규칙

우와해커 2019. 1. 9. 14:22

그 밖에 옵션 참고

https://github.com/NCCGroup/BurpSuiteLoggerPlusPlus

필터옵션

REQUEST, REQUESTHEADERS

RESPONSE, RESPONSEHEADERS

MIMETYPE

== 매칭 , != 노매칭

&& 그리고

|| 또는

RESPONSEHEADERS == /Access-Control-Allow-Origin: foo.example.org/

아이피주소

RESPONSE == /([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})/

휴대폰번호

RESPONSE == /010\d{3,4}\d{4}/ || RESPONSE == /010-\d{3,4}-\d{4}/

이메일주소

RESPONSE == /[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,4}/

admin|stg(?!-images|roup|ate|lobal)|dev\.|dev2|preview4|origin2|origin\.|qaweb|aem(?!api|&|=|.components|.varstatic|.util|.customevent|.templates|\|\||.globaltext|\)|\s)|p4\.(?!jpg|gif|mp4|png)|tst-sdsla

일반필터
[{"name":"CORS","filter":{"filter":"RESPONSEHEADERS \u003d\u003d /Access-Control-Allow-Origin: foo.example.org/"},"filterString":"RESPONSEHEADERS \u003d\u003d /Access-Control-Allow-Origin: foo.example.org/"},{"name":"IP","filter":{"filter":"RESPONSE \u003d\u003d /([0-9]{1,3})\\.([0-9]{1,3})\\.([0-9]{1,3})\\.([0-9]{1,3})/"},"filterString":"RESPONSE \u003d\u003d /([0-9]{1,3})\\.([0-9]{1,3})\\.([0-9]{1,3})\\.([0-9]{1,3})/"},{"name":"HPHONE","filter":{"filter":"RESPONSE \u003d\u003d /010\\d{3,4}\\d{4}/ || RESPONSE \u003d\u003d /010-\\d{3,4}-\\d{4}/"},"filterString":"RESPONSE \u003d\u003d /010\\d{3,4}\\d{4}/ || RESPONSE \u003d\u003d /010-\\d{3,4}-\\d{4}/"},{"name":"EMAIL","filter":{"filter":"RESPONSE \u003d\u003d /[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,4}/"},"filterString":"RESPONSE \u003d\u003d /[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,4}/"}]

컬러필터
{"2add8ace-b652-416a-af08-4d78c5d22bc7":{"uid":"2add8ace-b652-416a-af08-4d78c5d22bc7","name":"CORS","filter":{"filter":"RESPONSEHEADERS \u003d\u003d /Access-Control-Allow-Origin: foo.example.org/"},"filterString":"RESPONSEHEADERS \u003d\u003d /Access-Control-Allow-Origin: foo.example.org/","backgroundColor":{"value":-3342388,"falpha":0.0},"foregroundColor":{"value":-16777216,"falpha":0.0},"enabled":true,"modified":false,"shouldRetest":true,"priority":1},"9f755986-cb9a-4049-9e85-fa3c33e48327":{"uid":"9f755986-cb9a-4049-9e85-fa3c33e48327","name":"IP","filter":{"filter":"RESPONSE \u003d\u003d /([0-9]{1,3})\\.([0-9]{1,3})\\.([0-9]{1,3})\\.([0-9]{1,3})/"},"filterString":"RESPONSE \u003d\u003d /([0-9]{1,3})\\.([0-9]{1,3})\\.([0-9]{1,3})\\.([0-9]{1,3})/","backgroundColor":{"value":-26164,"falpha":0.0},"foregroundColor":{"value":-16777216,"falpha":0.0},"enabled":true,"modified":false,"shouldRetest":true,"priority":1},"c69eb840-507d-41e9-9e9a-7ba906f67b32":{"uid":"c69eb840-507d-41e9-9e9a-7ba906f67b32","name":"HPHONE","filter":{"filter":"RESPONSE \u003d\u003d /010\\d{3,4}\\d{4}/ || RESPONSE \u003d\u003d /010-\\d{3,4}-\\d{4}/"},"filterString":"RESPONSE \u003d\u003d /010\\d{3,4}\\d{4}/ || RESPONSE \u003d\u003d /010-\\d{3,4}-\\d{4}/","backgroundColor":{"value":-16724788,"falpha":0.0},"enabled":true,"modified":true,"shouldRetest":true,"priority":2},"3bdd149e-a76e-4cfe-85b2-dc0ae7207ccc":{"uid":"3bdd149e-a76e-4cfe-85b2-dc0ae7207ccc","name":"EMAIL","filter":{"filter":"RESPONSE \u003d\u003d /[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,4}/"},"filterString":"RESPONSE \u003d\u003d /[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,4}/","backgroundColor":{"value":-13159,"falpha":0.0},"enabled":true,"modified":true,"shouldRetest":true,"priority":3}}