Translate

Minggu, 25 Maret 2018

BURP Proxy

BURP Proxy

 

Burp Proxy is a tool that intercepts HTTP and HTTPS traffic. It allows a Penetration
Tester to examine an application, its vulnerabilities, and the two-way traffic between
a client and a web server. Burp Proxy is very popular because of its ability to not
only examine the traffic, but also, it manipulates requests. We will examine how
Burp Proxy is used to manipulate, reply, and steal authentication.

It is important to remember that Burp Proxy is actually a part of Burp Suite, which is
a collection of tools. When a user enters a URL in their web browser such as
http://www.DrChaos.com, they expect to be directed to the website. A proxy server will
intercept that request and send it on behalf of a client. Proxy servers are usually
put in place to inspect the traffic and protect the clients from harmful data. As a
Penetration Tester, you can use a proxy server to intercept traffic from a client, copy
the request, or manipulate it: 

 

To launch Burp Suite, simply navigate to: Kali | Sniffing/Spoofing | Web Sniffers
and select Burp Suite. 
Once Burp Suite is launched, you will be presented with the Burp launch dashboard:
 

To configure Burp, click on the Proxy tab. By default, the Intercept button is selected
in this tab. When the Intercept option is enabled, Burp stops all requests from a
web browser to the web server. The feature allows a Penetration Tester the ability to
examine a connection. The Penetration Tester can manually allow the connection to
continue once it's viewed.

notes : The Intercept button requires manual intervention, or the request will
never make it to the web server. 

The next configuration setting is found on the Options submenu. This section will
allow users to check or change the default port on which Burp is running, as well as
configure the interface or network seen by Burp. By default, Burp is set to run on the
loopback interface, as shown in the following screenshot. A loopback interface is a
special interface that usually has the IP address of 127.0.0.1 associated with it. It does
not have a physical hardware connection tied to it, but is a way for the operating
system to reference itself. In other words, when you want to communicate with
yourself in networking, you could use a loopback. If you plan on testing Burp Suite
beyond the local machine, you should add your Ethernet interface and IP address.
We will use the loopback interface for our example:
 

The next step is configuring the browser to use Burp Suite. All browsers have a
similar way of using a proxy server. In the next example, we have depicted the
settings for configuring a proxy server on Firefox:

 

For the following example, we will go to a URL, such as www.DrChaos.com in
Firefox. You will notice that nothing happens. This is because the Intercept feature
is enabled by default, as we discussed earlier. You can now see the Intercept tab in
Burp has changed colors to indicate a new request has been intercepted. 
When you click on the Intercept tab, you will see the exact nature of the request.
You can now click on Forward or Drop to allow or deny the request specifically
from continuing:


 



When you click on the Forward button, you will see the request continuing
to the server, as well as the response from the server. Also, you should see the
webpage successfully loaded in the web browser. Some web pages have multiple
components, so you may need to select the Forward button multiple times before
the web page loads.

Another cool feature is Burp Spider. Burp Spider offers a way of mapping web
applications in an automated fashion. How Burp Spider works is that you first
setup Burp to proxy your Internet usage, as we had explained earlier. Next, you
enable Burp Spider, and while it is running, Burp will map all the requests and
offer the ability to spider any captured request to find new targets.

To use the Spider, click the Spider tab to bring up the default configuration page.
Click on the Spider is paused button to change the status to Spider is running:

 

Burp maps all requests seen by the proxy under the Target tab. Click on the Target
tab to see what has been captured. There will be a list of targets that are being used
on the proxy. URLs that are in gray means that you have not directly browsed those
targets, while URLs in black are sites to which you have explicitly browsed to:


To use the Spider function, right-click on a target and select Spider this host:

 

When you go to the Spider tab in Burp, you will notice the Spider Status counts
have changed from 0 to an accumulating number:

Tidak ada komentar:

Posting Komentar