UI
  • ABOUT US
  • UNSAFE
    • sAMAccountName Spoofing in the Forest
    • Pass-the-Hash Attack Over Named Pipes Against ESET Server Security
    • Netcat Relay
    • Hiren's BootCD in the AD
    • Abusing LAPS
  • INLINE
    • Asena
    • Suyla
    • dcFinder
  • 0DAY
    • ADManager Plus Build < 7210 Elevation of Privilege Vulnerability (CVE-2024-24409)
    • Asp.Net Zero v12.3.0 - HTML Injection Leads To Open Redirect via Websockets (CVE-2023-48003)
    • ManageEngine ADManager Plus Build < 7183 - Recovery Password Disclosure (CVE-2023-31492)
    • Multiple ManageEngine Applications Critical Information Disclosure Vulnerability
    • Thecus N4800Eco Nas Server Control Panel Comand Injection
    • ManageEngine ADSelfService Plus 6.1 CSV Injection (CVE-2021-33256)
    • Openlitespeed Web Server 1.7.8 - Privilege Escalation (CVE-2021-26758)
    • KLOG Server (Authenticated) Command Injection (CVE-2021-3317)
    • Cokpit version 234 - Server Side Request Forgery (CVE-2020-35850)
    • KLOG Server Unauthenticated Command Injection (CVE-2020-35729)
    • Pearson Vue - VUEApplicationWrapper Unquoted Service Path (CVE-2020-36154)
    • Intel(r) Management and Security Application 5.2 - UNS Unquoted Service Path
    • BRAdmin Professional 3.75 - Unquoted Service Path
Powered by GitBook
On this page
  • REQUIREMENTS
  • USAGE AND EXECUTION LOGIC
  • EXECUTION LOGIC

Was this helpful?

  1. INLINE

Suyla

Suyla is the god takes the victim's soul to Ulgen. This for reason has been put tool name Suyla. Suyla's main purpace by changing http header values sending to target system.

PreviousAsenaNextdcFinder

Last updated 1 year ago

Was this helpful?

Above Process could be perform with http GET and POST methods.

REQUIREMENTS

  • sys

  • os

  • colorama

  • requests

  • json

  • re

USAGE AND EXECUTION LOGIC

For example this process structre and descriptions made using portswigger blind sql injection lab is as following.In initial phase process interfaces is passed with url command. After that is entered http method type and target domain.(Http Methods: GET and POST)

After these proceses operation mode interface is passed with edit command. And In this interface will change http header is entered.

After this input is entered http header value and passed send operation menu. If you choose send command, this value sent to target and received response.

If you want could be this response html output, or instead you can search return word in this response.(In this cookie value of sql payload is tries detect administrators user's password length)

If in blind process is created a payload list. After that , this values added to determined place.(Determined place is expressed '$' and '#' characters, to be increased place is expressed with double '?')

INCREASED PLACE
DETERMONED PLACE

After typing 'ok' and completing the payload list. After this process is entered a word for check true result, (In this attack attention is paid changes on page.) and is entered increase value. In this way payload list as much as the increase value tries on target system.(In initial phase increase value is 1)

EXECUTION LOGIC

In this section we will explain how suyla's does it perform this process.

  1. ‘?’ characters search in the entered http value and this result assignment to ‘plus_result’ variable.

  2. ‘$’ and ‘#’ characters search in the entered http value and this result assignment to ‘find_result’ variable.

  3. After , ‘plus_result’ content checked here.

# Author: Mustafa Gündoğdu - b3kc4t

See the source code for details that cannot be described here. . Give it a click if you like.

Source code
GitHub - mustgundogdu/SUYLA: FREE ENUMERATING IDENTIFIERS TOOLGitHub
Logo