Basic Options

The Basic category contains following options

  --target TARGET_URL   Target's url: https://zinja-coder.github.io/jafarpathan
  --button submit       Button element which will submit form data.
  --attack 2            The attack mode:
                         1. SNIPER
                         2. BATTERING RAM
                         3. PITCH FORK
                         4. CLUSTER BOMB

  Sniper and Battering Ram:
  --elements username,password,phone,address
                        Input fields(target elements of form) in comma separated values.
  --payloads /home/payloads.txt
                        /path/to/payload/file.

PitchFork and Cluster Bomb:
  --elements-payloads FIELD:/PATH/TO/FILE,textarea:payloads.txt,data:pay.txt
                        Input fields(target elements of form) and their respective payloads files.

The --target option

  • It specifies the url of the page to which The BrowserBruter will navigate to in order to fuzz the form.
  • The BrowserBruter will navigate to this URL for each payload and fuzz attempt.

The --elements option

The --elements option takes comma separated list of elements to be fuzzed. Learn more here

Note: BrowserBruter can find the elements by their - name, id, class, type or even value.

If the values for element's class is "btn btn-default" then specify this element by last value of class - 

<input type="text" class="btn btn-default">

--elements btn-default

or using CSS SELECTOR

--elements button.btn.btn-default

The --button option

  • Provide the id, name, class or type attribute's value of to this options.
  • This is the identifier for the element responsible for submitting the form.
  • This can be either button, input or any other element which triggers submission of form or input fields.

  • You can get the element's attribute(id, name, class, type) by right clicking on that element and selecting inspect option as shown below.

The --payloads option

The --payloads option takes a file containing the payloads. Learn more about here

The --elements-payloads option

The --elements-payloads option is combination of above two option and takes elements and payloads in element:/path/to/payload/file.txt pair. Learn more about it here

Pause - Resume Attack in the middle by pressing ENTER

The BrowserBruter can be paused in the middle of the attack by pressing the ENTER key.

The --attack option

  • This option specifies the attack mode of The BrowserBruter.
  • It can be either 1, 2, 3, or 4.

  • Entering any other values throws following error

    • ERROR: Please enter values either 1, 2, 3 or 4 in --attack

  • The detailed explanation of this option is in next section.

Please proceed to next section for further information on attack modes.

results matching ""

    No results matching ""