HTTP Payloads
HTTP Payloads Examples
Review some HTTP payload examples for Nuclei
HTTP Intruder Bruteforcing
This template makes a defined POST request in RAW format along with in template defined payloads running clusterbomb
intruder and checking for string match against response.
id: multiple-raw-example
info:
name: Test RAW Template
author: pdteam
severity: info
# HTTP Intruder bruteforcing with in template payload support.
http:
- raw:
- |
POST /?username=§username§¶mb=§password§ HTTP/1.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5)
Host: {{Hostname}}
another_header: {{base64('§password§')}}
Accept: */*
body=test
payloads:
username:
- admin
password:
- admin
- guest
- password
- test
- 12345
- 123456
attack: clusterbomb # Available: batteringram,pitchfork,clusterbomb
matchers:
- type: word
words:
- "Test is test matcher text"
BruteForcing multiple requests
This template makes a defined POST request in RAW format along with wordlist based payloads running clusterbomb
intruder and checking for string match against response.
id: multiple-raw-example
info:
name: Test RAW Template
author: pdteam
severity: info
http:
- raw:
- |
POST /?param_a=§param_a§¶mb=§param_b§ HTTP/1.1
User-Agent: §param_a§
Host: {{Hostname}}
another_header: {{base64('§param_b§')}}
Accept: */*
admin=test
- |
DELETE / HTTP/1.1
User-Agent: nuclei
Host: {{Hostname}}
{{sha256('§param_a§')}}
- |
PUT / HTTP/1.1
Host: {{Hostname}}
{{html_escape('§param_a§')}} + {{hex_encode('§param_b§'))}}
attack: clusterbomb # Available types: batteringram,pitchfork,clusterbomb
payloads:
param_a: payloads/prams.txt
param_b: payloads/paths.txt
matchers:
- type: word
words:
- "Test is test matcher text"
Authenticated Bruteforcing
This template makes a subsequent HTTP requests with defined requests maintaining sessions between each request and checking for string match against response.
id: multiple-raw-example
info:
name: Test RAW Template
author: pdteam
severity: info
http:
- raw:
- |
GET / HTTP/1.1
Host: {{Hostname}}
Origin: {{BaseURL}}
- |
POST /testing HTTP/1.1
Host: {{Hostname}}
Origin: {{BaseURL}}
testing=parameter
cookie-reuse: true # Cookie-reuse maintain the session between all request like browser.
matchers:
- type: word
words:
- "Test is test matcher text"
Was this page helpful?