├── .DS_Store
├── Hacker-Associate-SSRF.png
├── README.md
├── build.xml
├── build
    └── burp
    │   └── BurpExtender.class
├── dist
    ├── .DS_Store
    └── SSRF-Bugbounty-IP-DECIMAL-by-Harshad.jar
└── src
    ├── .DS_Store
    └── BurpExtender.java


/.DS_Store:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerassociate/SSRF-Hacks-IP-Decimal/ae5313801bedc3037d11f1c54a2155e8da8ec481/.DS_Store


--------------------------------------------------------------------------------
/Hacker-Associate-SSRF.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerassociate/SSRF-Hacks-IP-Decimal/ae5313801bedc3037d11f1c54a2155e8da8ec481/Hacker-Associate-SSRF.png


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # 🌐 SSRF-Hacks-IP-Decimal
 2 | A Burp Suite extension that converts IP addresses to decimal notation, useful for SSRF bypass and WAF evasion testing. 
 3 | Created by Harshad Shah. ✨
 4 | 
 5 | # 🛠️ IP to Decimal Converter - Burp Suite Extension
 6 | 
 7 | ## 📜 Description
 8 | The IP to Decimal Converter is a Burp Suite extension that allows security professionals and penetration testers to automatically convert IP addresses to their decimal notation format. 🔄 This tool is particularly useful for bypassing security controls that block regular IP addresses but may not recognize decimal notation. 🚀
 9 | 
10 | ✍️ Author
11 | Name: Harshad Shah 👤 [ www.hackerassociate.com ] 
12 | 
13 | ![Hacker Associate SSRF](https://github.com/hackerassociate/SSRF-Hacks-IP-Decimal/blob/main/Hacker-Associate-SSRF.png?raw=true)  
14 | 
15 | ## 🌟 Features
16 | - 🔢 Converts IPv4 addresses to decimal notation
17 | - 📋 Context menu integration in Burp Suite
18 | - 🔄 Automatic replacement of IPs in requests
19 | - 📊 Real-time conversion logging
20 | - 🖥️ Simple and intuitive user interface
21 | 
22 | ## 💡 Use Cases
23 | - 🕵️‍♂️ SSRF (Server-Side Request Forgery) bypass attempts
24 | - 🔐 WAF (Web Application Firewall) evasion testing
25 | - ✅ Security control validation
26 | - 🌐 Network security assessments
27 | 
28 | ## 📥 Installation
29 | 1. 📥 Download the latest release (`SSRF-Bugbounty-IP-DECIMAL-by-Harshad.jar`)
30 | 2. 🛠️ Open Burp Suite Professional
31 | 3. 📂 Navigate to the Extender tab
32 | 4. ➕ Click the "Add" button
33 | 5. 📁 Select the downloaded JAR file
34 | 6. 🚀 The extension will be loaded automatically
35 | 
36 | ## ⚙️ Usage
37 | 1. 🖱️ Right-click on any request in Burp Suite
38 | 2. 📜 Select "Convert IP to Decimal" from the context menu
39 | 3. The extension will automatically:
40 |    - 🔍 Identify all IP addresses in the request
41 |    - 🔄 Convert them to decimal notation
42 |    - 🔄 Replace the original IPs with their decimal equivalents
43 |    - 📜 Log the conversions in the extension output
44 | 


--------------------------------------------------------------------------------
/build.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="UTF-8"?>
 2 | <project name="IP-to-Decimal-Converter" default="jar" basedir=".">
 3 |     <property name="src.dir" location="src"/>
 4 |     <property name="build.dir" location="build"/>
 5 |     <property name="dist.dir" location="dist"/>
 6 |     
 7 |     <!-- Updated Burp Suite JAR path for macOS -->
 8 |     <property name="burp.jar" location="/Applications/Burp Suite Professional.app/Contents/Resources/app/burpsuite_pro.jar"/>
 9 | 
10 |     <target name="init">
11 |         <mkdir dir="${build.dir}"/>
12 |         <mkdir dir="${dist.dir}"/>
13 |     </target>
14 | 
15 |     <target name="compile" depends="init">
16 |         <javac srcdir="${src.dir}" 
17 |                destdir="${build.dir}" 
18 |                includeantruntime="false"
19 |                source="21"
20 |                target="21"
21 |                release="21">
22 |             <classpath>
23 |                 <pathelement location="${burp.jar}"/>
24 |             </classpath>
25 |         </javac>
26 |     </target>
27 | 
28 |     <target name="jar" depends="compile">
29 |         <jar destfile="${dist.dir}/ip-to-decimal.jar" basedir="${build.dir}"/>
30 |     </target>
31 | 
32 |     <target name="clean">
33 |         <delete dir="${build.dir}"/>
34 |         <delete dir="${dist.dir}"/>
35 |     </target>
36 | </project>


--------------------------------------------------------------------------------
/build/burp/BurpExtender.class:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerassociate/SSRF-Hacks-IP-Decimal/ae5313801bedc3037d11f1c54a2155e8da8ec481/build/burp/BurpExtender.class


--------------------------------------------------------------------------------
/dist/.DS_Store:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerassociate/SSRF-Hacks-IP-Decimal/ae5313801bedc3037d11f1c54a2155e8da8ec481/dist/.DS_Store


--------------------------------------------------------------------------------
/dist/SSRF-Bugbounty-IP-DECIMAL-by-Harshad.jar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerassociate/SSRF-Hacks-IP-Decimal/ae5313801bedc3037d11f1c54a2155e8da8ec481/dist/SSRF-Bugbounty-IP-DECIMAL-by-Harshad.jar


--------------------------------------------------------------------------------
/src/.DS_Store:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/hackerassociate/SSRF-Hacks-IP-Decimal/ae5313801bedc3037d11f1c54a2155e8da8ec481/src/.DS_Store


--------------------------------------------------------------------------------
/src/BurpExtender.java:
--------------------------------------------------------------------------------
 1 | package burp;
 2 | 
 3 | import java.util.ArrayList;
 4 | import java.util.List;
 5 | import javax.swing.JMenuItem;
 6 | import java.util.regex.Matcher;
 7 | import java.util.regex.Pattern;
 8 | 
 9 | public class BurpExtender implements IBurpExtender, IContextMenuFactory {
10 |     private IBurpExtenderCallbacks callbacks;
11 |     private IExtensionHelpers helpers;
12 | 
13 |     @Override
14 |     public void registerExtenderCallbacks(IBurpExtenderCallbacks callbacks) {
15 |         this.callbacks = callbacks;
16 |         this.helpers = callbacks.getHelpers();
17 |         
18 |         // Set extension name
19 |         callbacks.setExtensionName("SSRF Hacks IP-Decimal by Harshad");
20 |         
21 |         // Register context menu
22 |         callbacks.registerContextMenuFactory(this);
23 |         
24 |         // Print extension information
25 |         callbacks.printOutput("SSRFIP to Decimal Converter - Loaded successfully!");
26 |         callbacks.printOutput("Created by: Harshad Shah");
27 |         callbacks.printOutput("Website: www.hackerassociate.com");
28 |     }
29 | 
30 |     @Override
31 |     public List<JMenuItem> createMenuItems(IContextMenuInvocation invocation) {
32 |         List<JMenuItem> menuList = new ArrayList<JMenuItem>();
33 |         JMenuItem menuItem = new JMenuItem("Convert IP to Decimal");
34 |         menuItem.addActionListener(e -> convertIpToDecimal(invocation));
35 |         menuList.add(menuItem);
36 |         return menuList;
37 |     }
38 | 
39 |     private void convertIpToDecimal(IContextMenuInvocation invocation) {
40 |         IHttpRequestResponse[] messages = invocation.getSelectedMessages();
41 |         
42 |         for (IHttpRequestResponse message : messages) {
43 |             if (message.getRequest() != null) {
44 |                 byte[] request = message.getRequest();
45 |                 String requestStr = new String(request);
46 |                 
47 |                 // Find IP addresses using regex
48 |                 Pattern pattern = Pattern.compile("\\b(?:\\d{1,3}\\.){3}\\d{1,3}\\b");
49 |                 Matcher matcher = pattern.matcher(requestStr);
50 |                 
51 |                 while (matcher.find()) {
52 |                     String ip = matcher.group();
53 |                     String[] octets = ip.split("\\.");
54 |                     long decimal = (Long.parseLong(octets[0]) * 16777216 +
55 |                                   Long.parseLong(octets[1]) * 65536 +
56 |                                   Long.parseLong(octets[2]) * 256 +
57 |                                   Long.parseLong(octets[3]));
58 |                     
59 |                     callbacks.printOutput("IP Address: " + ip + " -> Decimal: " + decimal);
60 |                     requestStr = requestStr.replace(ip, String.valueOf(decimal));
61 |                 }
62 |                 
63 |                 message.setRequest(requestStr.getBytes());
64 |             }
65 |         }
66 |     }
67 | }


--------------------------------------------------------------------------------