Hi hackers, I write post for easy get bugbounty target scope. simple 2 way.
해커원 버그바운티 프로그램들을 보면 타겟 도메인이 굉장히 많은 경우가 있습니다. 매번 Scope 처리하거나, 테스트 할 때 확인하기 불편한감이 있는데, 이를 쉽게 처리할 수 있는 2가지 방법에 대해 이야기할까 합니다.

TL;DR

- Using Burp project config
- Using my simple script or bookmarklet

1. Burp Suite Project file

Hackerone provides the Burp suite Project config file. This makes it easy to apply the scope to the Burp suite. Look at the bottom of the hackerone page. There's an answer.
해커원에서 고맙게도 타겟 도메인들에 대해 Burp Project 파일로 제공해주고 있습니다. 버바 페이지 맨 아래에 보시면 링크가 있습니다. View change 통해서 변경 이력도 볼 수 있는데, 신규로 추가된 도메인을 식별하기에 좋으니 참고해주세요.



2. Write to simple Code for scope list

I wrote the very simple code because parsing to scope was too annoying. Simple to output a list of domains, which can be used as material values for other tools.
자바스크립트로 간단하게 작성했습니다. 그냥 테이블 정보 읽어서 필요한 필드만 출력하는 정도입니다..

dtable = document.getElementsByClassName("daisy-table")[1].children[0].children;
weblist = ""
applist = ""
for(i=0;i<dtable.length;i++){
  if(dtable[i].children[0].children[0].innerText == "Domain" ){
      weblist = weblist + dtable[i].children[1].children[0].children[0].innerText + "\n"
    }else{
        applist = applist + dtable[i].children[1].children[0].children[0].innerText + "\n"
    }
}
console.log("< WEB >")
console.log(weblist)
console.log("< APP >")
console.log(applist)


case to paypal (https://hackerone.com/paypal)

< WEB >
*.xoom.com
paypal.me
scrutiny.swiftfinancial.com
pigeon.swiftfinancial.com
decision.swiftfinancial.com
partner.swiftfinancial.com
prequal.swiftfinancial.com
*.braintree.tools
*.braintree-api.com
py.pl
paypalobjects.com
*.paydiant.com
*.braintreegateway.com
*.venmo.com
swiftcapital.com
swiftfinancial.com
loanbuilder.com
my.loanbuilder.com
api.loanbuilder.com
my.swiftfinancial.com
api.swiftfinancial.com
www.swiftfinancial.com
www.loanbuilder.com
www.swiftcapital.com
*.braintreepayments.com
www.paypal-*.com
*.paypal.com

< APP >
com.paypal.here
com.venmo
com.paypal.merchant.client
com.xoom.android.app
com.paypal.android.p2pmobile
com.paypal.merchant
com.yourcompany.PPClient
com.paypal.here
com.xoom.app
net.kortina.labs.Venmo
com.paypal.herehd



2-2. Change Bookmarklet

Copy this link and add bookmark with paste :)

javascript:%64%74%61%62%6c%65%20%3d%20%64%6f%63%75%6d%65%6e%74%2e%67%65%74%45%6c%65%6d%65%6e%74%73%42%79%43%6c%61%73%73%4e%61%6d%65%28%22%64%61%69%73%79%2d%74%61%62%6c%65%22%29%5b%31%5d%2e%63%68%69%6c%64%72%65%6e%5b%30%5d%2e%63%68%69%6c%64%72%65%6e%3b%77%65%62%6c%69%73%74%20%3d%20%22%22%3b%61%70%70%6c%69%73%74%20%3d%20%22%22%3b%66%6f%72%28%69%3d%30%3b%69%3c%64%74%61%62%6c%65%2e%6c%65%6e%67%74%68%3b%69%2b%2b%29%7b%69%66%28%64%74%61%62%6c%65%5b%69%5d%2e%63%68%69%6c%64%72%65%6e%5b%30%5d%2e%63%68%69%6c%64%72%65%6e%5b%30%5d%2e%69%6e%6e%65%72%54%65%78%74%20%3d%3d%20%22%44%6f%6d%61%69%6e%22%20%29%7b%77%65%62%6c%69%73%74%20%3d%20%77%65%62%6c%69%73%74%20%2b%20%64%74%61%62%6c%65%5b%69%5d%2e%63%68%69%6c%64%72%65%6e%5b%31%5d%2e%63%68%69%6c%64%72%65%6e%5b%30%5d%2e%63%68%69%6c%64%72%65%6e%5b%30%5d%2e%69%6e%6e%65%72%54%65%78%74%20%2b%20%22%5c%6e%22%7d%65%6c%73%65%7b%61%70%70%6c%69%73%74%20%3d%20%61%70%70%6c%69%73%74%20%2b%20%64%74%61%62%6c%65%5b%69%5d%2e%63%68%69%6c%64%72%65%6e%5b%31%5d%2e%63%68%69%6c%64%72%65%6e%5b%30%5d%2e%63%68%69%6c%64%72%65%6e%5b%30%5d%2e%69%6e%6e%65%72%54%65%78%74%20%2b%20%22%5c%6e%22%7d%7d%63%6f%6e%73%6f%6c%65%2e%6c%6f%67%28%22%3c%20%57%45%42%20%3e%22%29%3b%63%6f%6e%73%6f%6c%65%2e%6c%6f%67%28%77%65%62%6c%69%73%74%29%3b%63%6f%6e%73%6f%6c%65%2e%6c%6f%67%28%22%3c%20%41%50%50%20%3e%22%29%3b%63%6f%6e%73%6f%6c%65%2e%6c%6f%67%28%61%70%70%6c%69%73%74%29


댓글 없음:

댓글 쓰기