Categories: Kali Linux

PwnBack – Burp Extender Plugin That Generates A Sitemap Of A Website Using Wayback Machine

PwnBack requires PhantomJS to run. To understand why it is required currently see the section PhantomsJS.

The plugin has several settings that a user can define depending on their hardware setup.

  • PhantomJS WebDrivers
    • The number of Firefox headless browsers to open. Be mindful of Burp Suite’s memory settings
  • HTTP Response Parsers
    • These are responsible for parsing requests generated by the WebDriver. You may gain very little by increasing this number.
  • Start Year
    • How far back in a Website’s history you’d like to traverse.
  • End Year
    • When to stop looking at a Website’s History
  • PhantomJS Location
    • The location of the PhantomJS binary
  • Output Folder
    • Where to save results when the Export Results button is pressed
  • Domain
    • The domain name to crawl. example.com, example.org, etc.
  • CA Bundle
    • The CA certificate you wish to use for PhantomJS. You shouldn’t need this, however, check Troubleshooting if no traffic is being generated.

Also ReadSQLMap v1.2.9 – Automatic SQL Injection & Database Takeover Tool

PwnBack Installation

In BurpSuite open the Extender Tab

Click the Add button

Locate the jar file included in this repo.

The current version of is v1.7.21, I am unable to guarantee backward support.

Build

Run the following commands

git clone https://github.com/k4ch0w/PwnBack.git
cd PwnBack
./gradlew fatJar

Troubleshooting

There is an issue with the JVM’s Cert storage on certain computers and the SSL certificate provided by archive.org If you see no traffic being generate run the following command and provide the path to the CA-Bundle

curl --remote-name --time-cond cacert.pem https://curl.haxx.se/ca/cacert.pem

Credit: Paul Ganea

R K

Recent Posts

Set Up Nginx Server Blocks on Ubuntu 18.04: Host Multiple Sites

Nginx server blocks let you run more than one website on a single server. Each block…

12 hours ago

Install Tor Browser on Ubuntu 18.04: Anonymous Browsing Guide

Tor Browser is a modified version of Firefox that routes all your web traffic through the Tor…

12 hours ago

Install Vagrant on Ubuntu 18.04: Complete Setup Guide for Developers

Vagrant is a command-line tool that makes it easy to build and manage virtual machine environments.…

13 hours ago

Install VMware Tools on Ubuntu 18.04: Open VM Tools and ISO Guide

VMware Tools is a set of drivers and services that improves the performance of an Ubuntu…

13 hours ago

Install Apache Maven on Ubuntu 18.04: Stable or Latest Version

Java developers use project management tools to automate building their applications. Apache Maven is an open source…

13 hours ago

Install Mono on Ubuntu 18.04: C# Compiler and Runtime Guide

Running programs built for Microsoft's framework on a Linux system is easier than you think. Mono is…

2 days ago