How to Use Burp Suite?

By Felez
Expert member
9 Jul 2013

What is Burp Suite?

Burp Suite is a comprehensive platform for web application security testing. It can be used for detailed enumeration and analysis of web applications. Burp can easily intercept HTTP/S requests and act as an intermediary (a proxy) between the user and web pages. As the user browses the web, the relevant details of each request and response are captured from the website. This information gives us insight into the security of a web application.

Burp Suite Installation

  1. Make sure the Burp Suite listener is enabled.
  2. Open Burp and go to the Proxy > Options tab.
  3. Verify that the proxy listener is enabled and set to 127.0.0.1:8080.
  4. Complete the proxy configuration in the web browser.

For Firefox: in Settings, click Network Settings at the bottom of the General settings and select Manual proxy configuration. Verify that it points to the same address and port as Burp's listener (127.0.0.1:8080).

Installation of Burp SSL Certificate

With the browser proxied through Burp, go to http://burp and download the CA certificate by clicking 'CA Certificate' in the upper right.
In Firefox, click Certificates on the Network Security settings page.

Import the certificate you downloaded and check all the boxes.

Key Features

When getting started with Burp Suite, you should familiarize yourself with the main tabs, such as Intruder, Repeater, and Sequencer.

    • Intruder: With Burp Intruder, customized attacks against web applications can be automated. Customizing an attack requires us to specify one or more payload sets and the positions in the request where the payloads will be inserted.

    • Repeater: Repeater can be used to resend individual HTTP requests that have been modified by hand. With Repeater you can try different parameter values on the same page without going back through the browser. It becomes much easier to issue requests in a specific order and observe how the page reacts to each change of parameters.

    • Sequencer: Burp Sequencer can be used to analyze the randomness of a sample of data items (for example, session tokens). Intruder is used to submit test values into those data items.

Here's an example of what you can do with Burp:

Brute-force attack on a login page:
In this example we will use Intruder to modify the HTTP request for the login page of vulnweb and try username/password combinations.

The request sent is shown above. As you can see, we are getting a 302 response for now. Now we will change the uname and pass parameters with the help of Intruder. To do this, open the HTTP history section of the Proxy tab. Once we have found the submitted request, right-click it and choose 'Send to Intruder'. Click Positions to reach the tab shown below.

Here Burp has automatically marked two parameters. To mark a different location, simply select the text and then click the Add button on the left.

Now we set the attack type to 'Cluster bomb', because we want to vary values in more than one position. Next, go to the Payloads tab. There will be two payload sets here: set 1 (uname) and set 2 (pass). You can either load a list from the Payload Options section below or add entries manually, as we will do now.

As you can see, we have made four entries for the username set, adding 'test' at the bottom to the list using the 'Add' button next to it. We do the same for the 'pass' parameter. Then we start the attack by clicking the 'Start attack' button at the top right.

Burp tried all the combinations, and we found that the username:password pair 'test:test' was correct. Now let's go and log in with it.

We have successfully logged in.

Marvelous!
We performed our first attack using Burp Suite to modify an HTTP request. It was a simple example of using Burp in web application security testing.
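From the defender's side, the Cluster bomb run above leaves an unmistakable trace: one client sends a burst of POSTs to the login page, each answered with the same 302 redirect, until one attempt gets a different response. The following added example (my own code, not from the original post or from Burp) runs that detection over constructed Apache-style access-log lines; the path /login.php, the IP addresses and the thresholds are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines in Apache "combined" format (not taken from the post, assumed
# to be in time order). 203.0.113.7 sends 15 failed guesses answered with 302, then the
# correct pair gets a 200; 198.51.100.2 is a normal user logging in once.
SAMPLE_LOG = "\n".join(
    [f'203.0.113.7 - - [09/Jul/2013:10:00:{i:02d} +0000] "POST /login.php HTTP/1.1" 302 0 "-" "-"'
     for i in range(15)]
    + ['198.51.100.2 - - [09/Jul/2013:10:00:10 +0000] "POST /login.php HTTP/1.1" 200 512 "-" "-"',
       '203.0.113.7 - - [09/Jul/2013:10:00:15 +0000] "POST /login.php HTTP/1.1" 200 512 "-" "-"']
)

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+)[^"]*" (?P<status>\d{3})'
)


def parse_line(line):
    """Parse one combined-format line into a dict, or return None if it does not match."""
    m = LINE_RE.match(line)
    if not m:
        return None
    return {"ip": m["ip"], "ts": datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z"),
            "method": m["method"], "path": m["path"], "status": int(m["status"])}


def detect_login_bruteforce(log_text, path="/login.php", fail_status=302,
                            threshold=10, window=timedelta(seconds=60)):
    """Flag IPs with >= threshold failed POSTs to `path` inside a sliding time window.

    Returns {ip: {"failures": peak failures seen in one window,
                  "succeeded_after": True if a non-302 POST followed the burst}}.
    """
    recent = defaultdict(deque)   # per-IP timestamps of failed POSTs still inside the window
    alerts = {}
    for raw in log_text.splitlines():
        rec = parse_line(raw)
        if rec is None or rec["method"] != "POST" or rec["path"] != path:
            continue
        ip = rec["ip"]
        if rec["status"] == fail_status:
            q = recent[ip]
            q.append(rec["ts"])
            while q and rec["ts"] - q[0] > window:   # drop failures older than the window
                q.popleft()
            if len(q) >= threshold:
                a = alerts.setdefault(ip, {"failures": 0, "succeeded_after": False})
                a["failures"] = max(a["failures"], len(q))
        elif ip in alerts:
            alerts[ip]["succeeded_after"] = True  # the guessing stopped being answered with 302
    return alerts
```

An alert whose `succeeded_after` flag is set is the one to act on first: it means the last guess was most likely the right one, exactly the 'test:test' moment in the walkthrough.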
