burp.config

#---No Comment---
#Sun Nov 13 10:38:58 CET 2011
suite.doAutoSave=false
sequencer.sequencerUpdateCookieJar=false
spider.formsubmissionmode=0
sequencer.doFIPS4=true
sequencer.doFIPS3=true
target.searchcasesensitive=false
sequencer.doFIPS2=true
sequencer.doFIPS1=true
sequencer.doBitCorrelation=true
intruder.payloadsdir=
spider.loginpassword=
intruder.payloadgrep.casesensitive=false
intruder.numattackthreads=5
proxy.showstatus2xx=true
proxy.searchregex=false
suite.saveOnExit=true
spider.detectnotfound=true
scanner.pausebeforeretry=2000
proxy.searchterm=
scanner.activecustomscopeinclude0=**empty**
sequencer.doCSCount=true
target.showonlyparameterised=false
spider.usereferer=true
scanner.activecustomscopeexclude3=1.0.0.0.signout
scanner.activecustomscopeexclude2=1.0.0.0.exit
sequencer.doBase64Decode=false
scanner.activecustomscopeexclude1=1.0.0.0.logoff
scanner.activecustomscopeexclude0=1.0.0.0.logout
repeater.unpackgzipdeflate=true
target.showonlyrequested=false
intruder.throttlefixed=true
spider.processproxyrequests=true
proxy.interceptrequests=false
scanner.throttleinterval=500
scanner.numretries=3
spider.numthreads=10
decoder.decoderUpdateCookieJar=false
scanner.followredirects=true
intruder.payloadprocessor.rule0=**empty**
spider.scopetype=2
suite.dnstimeout=300
proxy.showonlycommented=false
repeater.ssl=false
spider.formsidentitycriteria=2
scanner.testXMLSOAPinjection=true
suite.sessionrule0=PHNlc3Npb25ydWxlPjxyaT4AAAAAATwvcmk+PGNhPgIBPC9jYT48ZD4DAAAAIlVzZSBjb29raWVzIGZyb20gQnVycCdzIGNvb2tpZSBqYXI8L2Q+PHBzbT48bmFtZT4DAAAADXNjb3BlaW5jbHVkZTA8L25hbWU+PHZhbHVlPgMAAAAJKiplbXB0eSoqPC92YWx1ZT48bmFtZT4DAAAADXNjb3BlZXhjbHVkZTA8L25hbWU+PHZhbHVlPgMAAAAJKiplbXB0eSoqPC92YWx1ZT48bmFtZT4DAAAACXNjb3BldHlwZTwvbmFtZT48dmFsdWU+AwAAAAExPC92YWx1ZT48L3BzbT48YWZwPgIAPC9hZnA+PGFmcD4CADwvYWZwPjxhZnA+AgE8L2FmcD48YWZwPgIBPC9hZnA+PGFmcD4CADwvYWZwPjxhZnA+AgA8L2FmcD48YWZwPgIAPC9hZnA+PGFmcD4CADwvYWZwPjxhZnA+AgA8L2FmcD48cGM+AwAAABJzcGlkZXIgYW5kIHNjYW5uZXI8L3BjPjxybnA+AgA8L3JucD48YWN0aW9uPjx0eXBlPgAAAAACPC90eXBlPjxjYT4CATwvY2E+PG1vPgAAAAAAPC9tbz48L2FjdGlvbj48L3Nlc3Npb25ydWxlPg\=\=
target.showstatus5xx=true
intruder.payloadpositions=POST /ispatula/shop/signon.do HTTP/1.1\r\nHost\: localhost\:8081\r\nUser-Agent\: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.7; en-GB; rv\:1.9.2.21) Gecko/20110830 Firefox/3.6.21\r\nAccept\: text/html,application/xhtml+xml,application/xml;q\=0.9,*/*;q\=0.8\r\nAccept-Language\: en-gb,en;q\=0.5\r\nAccept-Encoding\: gzip,deflate\r\nAccept-Charset\: ISO-8859-1,utf-8;q\=0.7,*;q\=0.7\r\nKeep-Alive\: 115\r\nProxy-Connection\: keep-alive\r\nReferer\: http\://localhost\:8081/ispatula/shop/signonForm.do\r\nContent-Type\: application/x-www-form-urlencoded\r\nContent-Length\: 52\r\n\r\nusername\=alice&password\=\u00A71234\u00A7&update.x\=44&update.y\=10
intruder.intruderUpdateCookieJar=false
intruder.extractgrep.item3=xsstest
proxy.hideextensionsitems=js,gif,jpg,png,css
intruder.extractgrep.item2=xsstest
intruder.extractgrep.item1=xsstest
intruder.extractgrep.item0=uid\=
intruder.makebaselinerequest=true
proxy.showextensionsitems=asp,aspx,jsp,php
intruder.pausebeforeretry=2000
sequencer.padAtEnd=false
intruder.fixedthrottleval=0
proxy.listener0=1.8080.1.0..0.0.1.0..0..0.
intruder.startwhen=0
sequencer.maxDeviation=5
scanner.testmime=true
proxy.showonlyhighlighted=false
suite.macro0=**empty**
target.showmimexml=true
spider.numretries=3
intruder.extractgrep.maxlen=100
suite.socksproxyhost=
intruder.extractgrep.excludeheaders=true
repeater.host=localhost
spider.iteratesubmitfields=true
intruder.payloadgrep.excludeheaders=false
scanner.passivecustomscopetype=1
intruder.storeresponses=true
target.showmimeotherbinary=false
scanner.testheaderinjection=true
suite.dowwwauth=true
scanner.testpathtraversal=true
target.showmimecss=false
scanner.inserturlparams=true
intruder.extractgrep.casesensitive=false
intruder.payloadprocessor.dourlencode=true
intruder.payloadgrep.matchpreencoded=true
proxy.showstatus5xx=true
intruder.matchgrep.excludeheaders=true
intruder.extractgrep.dogrep=false
target.showmimeimages=false
intruder.matchgrep.item9=not found
scanner.numthreads=10
proxy.showextensions=false
proxy.showmimeothertext=true
intruder.matchgrep.item8=file
intruder.matchgrep.item7=directory
sequencer.doSpectral=true
intruder.matchgrep.item6=access
intruder.matchgrep.item5=stack
intruder.matchgrep.item4=fail
suite.charsetMode=__CharsetAutoRecognise
intruder.matchgrep.item3=invalid
intruder.matchgrep.item2=illegal
scanner.scannerUpdateCookieJar=false
intruder.matchgrep.item1=exception
intruder.matchgrep.item0=error
suite.usesocksproxy=false
scanner.testreflectedXSS=true
scanner.testSQLinjectiontime=true
target.showmimescript=true
proxy.unpackgzipdeflate=true
scanner.testcommandinjection=true
scanner.testredirection=true
scanner.testSQLinjection=true
scanner.testLDAPinjection=true
spider.defaultautofillvalue=555-555-0199@example.com
intruder.setconnectionclose=true
spider.sslprotocol0=**empty**
scanner.teststoredXSS=true
scanner.testinfodisclosure=true
scanner.noninjectableparamrule9=1.3.0.0.9.PHPSESSID
scanner.noninjectableparamrule8=1.3.0.0.7.cftoken
intruder.extractgrep.delimiter='
scanner.noninjectableparamrule7=1.3.0.0.4.cfid
suite.autoSaveFolder=/Users/stephen/data/src/RestyBurp/tmp
scanner.noninjectableparamrule6=1.0.0.0.10.jsessionid
scanner.noninjectableparamrule5=1.2.0.0.17.__eventvalidation
proxy.hideunresponded=false
scanner.noninjectableparamrule4=1.2.0.0.11.__viewstate
scanner.noninjectableparamrule3=1.2.0.0.15.__eventargument
scanner.noninjectableparamrule2=1.2.0.0.13.__eventtarget
scanner.noninjectableparamrule1=1.3.0.0.17.asp.net_sessionid
scanner.noninjectableparamrule0=1.3.0.1.14.aspsessionid.*
target.showstatus4xx=false
suite.allowHttpRequestsInHtmlRendering=true
spider.throttlerandom=false
intruder.attacktype=0
suite.readtilclosetimeout=10
intruder.startdelay=10
target.targetUpdateCookieJar=false
intruder.host=localhost
spider.pausebeforeretry=2000
scanner.testlinks=true
intruder.processcookiesinredirects=false
sequencer.throttle=0
scanner.inserthttpheaders=true
scanner.throttlerandom=false
suite.inScopeOnly=false
intruder.numretries=3
intruder.payloadprocessor.urlencodechars=\ ./\\\=<>?+&*;\:
suite.colouriseRequests=true
intruder.followredirects=0
scanner.dothrottle=false
repeater.request=POST /ispatula/shop/signon.do HTTP/1.1\r\nHost\: localhost\:8081\r\nUser-Agent\: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.7; en-GB; rv\:1.9.2.21) Gecko/20110830 Firefox/3.6.21\r\nAccept\: text/html,application/xhtml+xml,application/xml;q\=0.9,*/*;q\=0.8\r\nAccept-Language\: en-gb,en;q\=0.5\r\nAccept-Encoding\: gzip,deflate\r\nAccept-Charset\: ISO-8859-1,utf-8;q\=0.7,*;q\=0.7\r\nKeep-Alive\: 115\r\nProxy-Connection\: keep-alive\r\nReferer\: http\://localhost\:8081/ispatula/shop/signonForm.do\r\nCookie\: JSESSIONID\=0674787A7BE308A30D629E65869B5025\r\nContent-Type\: application/x-www-form-urlencoded\r\nContent-Length\: 52\r\n\r\nusername\=alice&password\=1234&update.x\=44&update.y\=10
target.hideextensionsitems=js,gif,jpg,png,css
suite.messageFontSmoothing=false
spider.throttleinterval=500
scanner.noninjectableparamrule10=1.3.0.0.10.session_id
proxy.interceptresponses=false
comparer.comparerUpdateCookieJar=false
repeater.updateCL=true
scanner.testcommandinjectioninformed=true
target.hideextensions=false
spider.maxformsubmissions=10
intruder.payloadgrep.dogrep=false
intruder.matchgrep.simplepattern=true
intruder.dosmode=false
target.showonlyhighlighted=false
suite.enableAllSupportedSuites=false
suite.redirDoXxxLocation=false
proxy.showmimexml=true
suite.redirDoJavascriptDriven=false
sequencer.ignoreAbnormalLengths=true
suite.socksproxyport=
spider.paramautofillrule9=1.1.3.zip.5.36310
spider.paramautofillrule8=1.1.5.state.2.WI
spider.paramautofillrule7=1.1.4.city.11.Wienerville
spider.spiderUpdateCookieJar=true
spider.paramautofillrule6=1.1.4.addr.13.1 Main Street
spider.paramautofillrule5=1.1.4.comp.17.Wiener Consulting
spider.paramautofillrule4=1.1.4.name.12.Peter Wiener
spider.paramautofillrule3=1.1.7.surname.6.Wiener
spider.paramautofillrule2=1.1.4.last.6.Wiener
suite.socksproxyusername=
suite.tempDir=/Users/stephen/data/src/RestyBurp/tmp
proxy.showstatus4xx=true
spider.paramautofillrule1=1.1.5.first.5.Peter
spider.paramautofillrule0=1.1.4.mail.18.wiener@example.com
target.showonlycommented=false
repeater.port=8081
spider.maxlinkdepth=5
suite.faileddnstimeout=60
spider.dothrottle=false
repeater.followredirects=0
suite.normaltimeout=120
proxy.showmimecss=false
scanner.maxinsertionpoints=30
intruder.ssl=false
sequencer.padChar=48
suite.remove100continueheaders=false
repeater.processcookiesinredirects=false
spider.customheader3=Connection\: close
proxy.showmimeimages=false
spider.customheader2=User-Agent\: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
target.showmimehtml=true
spider.customheader1=Accept-Language\: en
spider.customheader0=Accept\: */*
sequencer.doCSTransitions=true
proxy.removelengthlimits=false
scanner.activecustomscopetype=0
scanner.testviewstate=true
proxy.unhidehiddenfields=false
proxy.showmimescript=true
scanner.intelligentattackselection=true
scanner.insertcookies=true
target.showstatus3xx=true
scanner.testserverissues=true
scanner.testparams=true
proxy.enabledisabledfields=false
target.hidenotfound=true
spider.usehttp11=true
proxy.responserule4=0.0.4.2.
scanner.testforms=true
proxy.responserule3=0.0.12.1.^304$
proxy.responserule2=0.1.6.2.
proxy.responserule1=0.1.6.4.
proxy.responserule0=1.1.13.0.text
suite.autoSaveInterval=1
intruder.varthrottlestart=0
suite.colouriseResponses=true
spider.apploginmode=2
spider.scopeinclude0=**empty**
target.showmimeothertext=true
spider.scopeexclude3=1.0.0.0.signout
spider.scopeexclude2=1.0.0.0.exit
spider.proxylinkdepth=0
spider.scopeexclude1=1.0.0.0.logoff
spider.scopeexclude0=1.0.0.0.logout
target.hideemptyfolders=true
proxy.searchcasesensitive=false
spider.loginusername=
target.showmimeflash=true
intruder.port=8081
proxy.showonlyparameterised=false
target.searchregex=false
suite.redirDo3xxLocation=true
spider.checkrobotstxt=true
repeater.repeaterUpdateCookieJar=false
sequencer.numThreads=5
scanner.insertparamname=true
sequencer.doBitCompress=true
suite.redirDoMetaRefresh=true
proxy.listener=
target.showextensionsitems=asp,aspx,jsp,php
scanner.testcaching=true
intruder.matchgrep.dogrep=false
scanner.testcookies=true
proxy.showstatus3xx=true
spider.paramautofillrule20=1.1.8.passport.10.0123456789
scanner.testcommandinjectionblind=true
proxy.hideextensions=false
spider.requestdynpageswithoutparams=true
suite.hostresolverrule0=**empty**
spider.setunmatchedfields=true
intruder.extractgrep.simplepattern=true
scanner.testSQLinjectionerror=true
intruder.newtabbehaviour=0
proxy.showonlyinscope=false
spider.paramautofillrule19=1.1.4.year.4.1980
spider.paramautofillrule18=1.1.5.month.2.01
proxy.matchreplacerule4=0.2.14.^Set-Cookie.*$
intruder.storepayloads=false
target.scopeinclude1=1.1.11.^localhost$6.^8081$^/ispatula.*
spider.paramautofillrule17=1.1.3.day.2.01
proxy.matchreplacerule3=0.0.11.^Referer.*$
target.scopeinclude0=1.1.11.^localhost$6.^8081$^/ispatula/.*
spider.paramautofillrule16=1.1.3.age.2.30
proxy.matchreplacerule2=0.0.17.^If-None-Match.*$
spider.paramautofillrule15=1.1.6.social.11.123 45 6789
proxy.matchreplacerule1=0.0.21.^If-Modified-Since.*$
spider.paramautofillrule14=1.1.3.ssn.11.123 45 6789
proxy.matchreplacerule0=0.0.14.^User-Agent.*$User-Agent\: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)
target.scopeexclude3=1.0.0.0.signout
spider.paramautofillrule13=1.1.3.tel.12.555-555-0199
target.scopeexclude2=1.0.0.0.exit
spider.paramautofillrule12=1.1.5.phone.12.555-555-0199
target.scopeexclude1=1.0.0.0.logoff
spider.paramautofillrule11=1.1.4.area.3.555
target.scopeexclude0=1.0.0.0.logout
spider.paramautofillrule10=1.1.4.post.8.SW1A 1AA
suite.socksproxypassword=
target.searchterm=
intruder.matchgrep.item19=111111
scanner.insertrestparams=false
intruder.matchgrep.item18=ORA-
intruder.matchgrep.item17=syntax
intruder.matchgrep.item16=quotation mark
proxy.removealljavascript=false
intruder.matchgrep.item15=SQL
intruder.matchgrep.item14=ODBC
proxy.removeobjecttags=false
intruder.matchgrep.item13=varchar
intruder.matchgrep.item12=c\:\\
intruder.matchgrep.item11=uid\=
intruder.matchgrep.item10=unknown
scanner.nontestableparamrule0=**empty**
proxy.removejsformvalidation=false
proxy.showmimeflash=true
suite.messageFontSize=13
scanner.testSQLinjectionboolean=true
suite.understand100continue=true
proxy.showmimehtml=true
proxy.http10=false
proxy.proxyUpdateCookieJar=true
suite.messageFont=Courier New
proxy.requestrule3=0.0.4.2.
proxy.requestrule2=0.1.3.1.(get|post)
proxy.requestrule1=0.1.6.0.
proxy.requestrule0=1.0.5.1.(^gif$|^jpg$|^png$|^css$|^js$|^ico$)
target.showstatus2xx=true
# No upstream proxy defined
# suite.upstreamproxyrule0=**empty**
# Below line is an example of using an upstream proxy at localhost port 8082
suite.upstreamproxyrule0=1.1.*9.localhost8086.0.0.0.0.0.
suite.promptforcredentials=false
intruder.varthrottlestep=30000
scanner.insertbodyparams=true
intruder.updateCLheader=true
intruder.autoplacementappend=false
intruder.matchgrep.casesensitive=false
intruder.storerequests=true
spider.requestfolderroots=true
scanner.insertamfparams=true
scanner.passivecustomscopeinclude0=**empty**
proxy.showmimeotherbinary=false
scanner.passivecustomscopeexclude3=1.0.0.0.signout
scanner.passivecustomscopeexclude2=1.0.0.0.exit
scanner.passivecustomscopeexclude1=1.0.0.0.logoff
scanner.passivecustomscopeexclude0=1.0.0.0.logout
scanner.testheadermanipulation=true
spider.requesttexttypesonly=true
suite.redirRefreshHeader=true
target.showextensions=false
target.showonlyinscope=false
proxy.updaterequestcontentlength=true