burpsuite插件————AES-Killer的使用

下载地址：https://github.com/Ebryx/AES-Killer

Burpsuite Plugin to decrypt AES Encrypted traffic on the fly

• Burpsuite
• Java

• Burpsuite 1.7.36
• Windows 10
• xubuntu 18.04
• Kali Linux 2018

• The IProxyListener decrypt requests and encrypt responses, and an IHttpListener than encrypt requests and decrypt responses.
• Burp sees the decrypted traffic, including Repeater, Intruder and Scanner, but the client/mobile app and server see the encrypted version.

NOTE: Currently support AES/CBC/PKCS5Padding encryption/decryption.

• Require AES Encryption Key (Can be obtained by using frida script or reversing mobile app)
• Require AES Encryption Initialize Vector (Can be obtained by using frida script or reversing mobile app)
• Request Parameter (Leave blank in case of whole request body)
• Response Parameter (Leave blank in case of whole response body)
• Character Separated with space for obfuscation on request/response (In case of Offuscation)
• URL/Host of target to decrypt/encrypt request and response

Download jar file from Release and add in burpsuite

Original Request/Response

• First setup frida server on IOS and Android device.
• Launch Application on mobile device.
• Run this frida script on your host machine to get AES Encryption Key and IV.

• Provide SecretSpecKey under Secret Key field
• Provide IV under Initialize Vector field
• Provide Host/URL to filter request and response for encryption and decryption
• Press Start AES Killer