PHP Object Injection Slinger

This is an extension for Burp Suite Professional that scans for PHP Object Injection vulnerabilities in popular PHP frameworks and some of their dependencies. For each supported framework it sends a serialized PHP object crafted so that, if the application passes the value to unserialize(), the gadget chain forces the web server to perform a DNS lookup of a Burp Collaborator callback host. The resulting Collaborator interaction is the detection signal, so the check works even when the HTTP response shows nothing; it can only fire, however, where one of the bundled gadget chains matches a library the target actually loads.

The payloads for this extension all come from the excellent Ambionics project PHPGGC, a library of PHP unserialize() payloads along with a tool to generate them, from the command line or programmatically. You will need PHPGGC to take any vulnerability this extension finds beyond the DNS callback and exploit it.

You should combine your testing with the PHP Object Injection Check extension from Securify so you can identify other possible PHP Object Injection issues that this extension does not pick up, such as injection points where none of the bundled gadget chains apply.

To use the extension, right-click the desired HTTP request in the Proxy, Target, Intruder or Repeater tab and click Send To POI Slinger. This also highlights the request and sets its comment to "Sent to POI Slinger". You can watch the debug messages on the extension's output pane under Extender -> Extensions -> PHP Object Injection Slinger.

Author

Ricardo Almeida

Version

1.0

Last updated

20 November 2019

Estimated system impact

Overall impact: High

Memory: Low
CPU: Low
General: Low
Scanner: High

You can install BApps directly within Burp, via the BApp Store feature in the Burp Extender tool. You can also download them from here, for offline installation into Burp.

You can view the source code for all BApp Store extensions on our GitHub page.

Follow @BApp_Store on Twitter to receive notifications of all BApp releases and updates.

Please note that extensions are written by third party users of Burp, and PortSwigger Web Security makes no warranty about their quality or usefulness for any particular purpose.
