This tool is used to manually modify individual HTTP requests and inspect the responses the application returns. Because each edited request is replayed against the server, it is a natural place to probe the page for vulnerabilities one parameter at a time. In short, it plays back requests to the server.
If we want to check how random the session tokens generated by a web application really are, this is the tailor-made tool for such tests. An attacker who cannot authenticate can instead brute-force a valid session token, trying candidate values until one is accepted; the fewer bits of effective randomness a token carries, the smaller the space that has to be searched. This is why a high degree of randomness in session token IDs is a serious concern. Let's start by sending a request whose response contains a session token.
In this figure you can see the token request to the site Google.com. The right side of the screenshot has the token start and token end panels. In the token start panel we can either specify an expression such as "Google" that precedes the token, or set a fixed offset at which the token starts. The same holds for the token end panel, where we can set a delimiter that follows the token, or a fixed length at which the capture ends. After fixing these parameters, we can click START CAPTURE.
The start capture action panel looks like the screenshot above. It sends repeated requests to the target, collects the token from each response and gives a detailed analysis of the randomness of the captured tokens. We can pause or stop the analysis whenever we wish. I stopped the scan mid-way to look at the results computed from the samples gathered up to the pause; the screenshot below explains the results better.
The scan components are as follows:
- Overall result
- Effective Entropy
- Sample size considered
Burp analyses the samples automatically and generates this report in the Sequencer tool. The overall result and effective entropy are statistical estimates, so their reliability depends on the sample size: a capture stopped early, as above, gives a lower-confidence verdict than a full run. Two further views are available. Character-level analysis treats the token as a string and reports, for each character position, the confidence that the characters observed there are randomly distributed, shown as a graph across positions. Bit-level analysis first converts each token to bits and runs the same kind of tests on each bit position, which exposes bias that a character-level view can hide. The options panel lets you pad short tokens to a common length so that positions line up, and decode tokens from base64 before analysis if the application encodes them. One caveat a tester should keep in mind: passing these statistical tests shows the sample has no obvious bias, not that the tokens are unpredictable; a counter passed through a good cipher looks perfectly random to Sequencer and is still predictable to anyone holding the key.
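To make concrete what the character-level and bit-level views, the effective entropy estimate and the base64/padding options measure, here is an added Python example. It is not Burp's code and is a simplification of what Sequencer computes; it runs both views over two constructed sample sets, a sequential counter behind a fixed prefix and tokens from a seeded PRNG standing in for a random generator. The function names, the left-padding rule and the thresholds in the comments are assumptions made for this illustration.

```python
"""Simplified Sequencer-style randomness analysis of session tokens.

Added example, not Burp Suite's algorithm. Tokens are treated as hex
strings after optional base64 decoding, as Sequencer's options allow.
"""
import base64
import math
import random
from collections import Counter

N_SAMPLES = 2000

# Constructed sample set 1: fixed prefix followed by a counter (predictable).
WEAK = ["deadbeef" + format(0x1000 + i, "08x") for i in range(N_SAMPLES)]

# Constructed sample set 2: 64-bit values from a seeded PRNG (stands in for
# a random generator; the seed only makes the example reproducible).
_rng = random.Random(2024)
STRONG = [format(_rng.getrandbits(64), "016x") for _ in range(N_SAMPLES)]


def decode_tokens(tokens, b64=False, pad_to=None):
    """Mimic the options panel: base64-decode each token to hex if asked,
    then left-pad shorter tokens with '0' to a common length (assumption:
    padding at the start, as for numeric tokens that lost leading zeros)."""
    out = []
    for t in tokens:
        if b64:
            t = base64.b64decode(t + "=" * (-len(t) % 4)).hex()
        out.append(t)
    if pad_to is None:
        pad_to = max(len(t) for t in out)
    return [t.rjust(pad_to, "0") for t in out]


def _shannon_bits(counts, n):
    return -sum((c / n) * math.log2(c / n) for c in counts.values())


def char_level(tokens):
    """Per-character-position Shannon entropy in bits (max 4 for hex)."""
    n = len(tokens)
    return [_shannon_bits(Counter(t[i] for t in tokens), n)
            for i in range(len(tokens[0]))]


def bit_level(tokens):
    """Per-bit-position fraction of ones; 0.5 is unbiased, 0 or 1 is fixed."""
    raw = [int(t, 16) for t in tokens]
    nbits = len(tokens[0]) * 4
    ones = [0] * nbits
    for v in raw:
        for b in range(nbits):
            if (v >> (nbits - 1 - b)) & 1:
                ones[b] += 1
    return [o / len(tokens) for o in ones]


def effective_entropy(tokens):
    """Crude estimate: sum of per-position entropies. This overstates real
    entropy when positions are correlated, as they are for a counter."""
    return sum(char_level(tokens))


def predictable_fraction(tokens):
    """Fraction of consecutive deltas equal to the most common delta.
    A counter scores 1.0; independent random tokens score near 0."""
    vals = [int(t, 16) for t in tokens]
    deltas = Counter(b - a for a, b in zip(vals, vals[1:]))
    return deltas.most_common(1)[0][1] / len(vals[1:])


if __name__ == "__main__":
    for name, toks in (("weak", WEAK), ("strong", STRONG)):
        print(name, "effective bits ~%.1f" % effective_entropy(toks),
              "min char entropy %.2f" % min(char_level(toks)),
              "most biased bit %.2f" % max(abs(p - 0.5) for p in bit_level(toks)),
              "predictable %.3f" % predictable_fraction(toks))
```

Run as a script it prints one summary line per sample set. The instructive part is the weak set: its per-position entropy looks respectable for the last few characters, yet the delta check shows every token is predictable from the previous one, which is exactly why a single summary number should never be read in isolation.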