105
GitHub - Ebryx/AES-Killer: Burp plugin to decrypt AES Encrypted traffic of mobil...
source link: https://github.com/Ebryx/AES-Killer
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
README.md
AES Killer (Burpsuite Plugin)
Burpsuite Plugin to decrypt AES Encrypted mobile app traffic
Requirements
- Burpsuite
- Java
Tested on
- Burpsuite 1.7.36
- Windows 10
- xubuntu 18.04
- Kali Linux 2018
What it does
- Decrypt AES Encrypted traffic on proxy tab
- Decrypt AES Encrypted traffic on proxy, scanner, repeater and intruder
NOTE: Currently support AES/CBC/PKCS5Padding encryption/decryption
How it works
- Require AES Encryption Key (Can be obtained by reversing mobile app)
- Require AES Encryption Initialize Vector (Can be obtained by reversing mobile app)
- Request Parameter (Leave blank in case of whole request body)
- Response Parameter (Leave blank in case of whole response body)
- Character Separated with space for obfuscation on request/response
- URL/Host of target to filter request and response
How to Install
Download jar file from Release and add in burpsuite
Original Request/Response
Decrypted Request/Response
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK