Security Testing with BurpSuite || One Demo Example with BurpSuite Proxy Interceptor

Captions
Hey guys, this is Naveen, welcome back to Naveen AutomationLabs. So today we are going to talk about one very important and very interesting tool, that is Burp Suite. You must have heard about the Burp free tool used for security testing; in fact, for the majority of the people who are into security testing, that is the most fundamental tool they always use. In fact, I personally used this tool for a couple of security testing and security scanners in my previous companies, but I'm not a security testing expert. But there are a couple of use cases on a daily basis you can perform on your web application also. So Burp Suite is a security tool which is available in the market in the form of a licensed version as well as the community version. So the community version is a free version, you can download it free of cost, you don't need to pay a single penny for that, and the majority of the features are already available, like interceptor, proxies, intruder, decoder and comparer, and then, you know, extender. All these things are available, but you don't need to learn about all those things; if you're really interested you can just go through it. But today I'm going to show you how to create a simple proxy, and then how to set up the proxy for your web application so that the entire traffic is coming through the proxy, how to use the interceptor properly, and all such things I'll show you.

So I'm going to talk about what you mean by the proxy first of all, and how exactly this proxy will behave like an interceptor. For example, just these two bottles are there, see. Let's say this is the client and this is the server. So if I'm sending the request to the server, this is through the browser or any mobile application or any web-based application or any browser application, I'm sending a request to the server and the server is responding back over here, right? Whatever the communication is happening between client and server over the network. But let's say in between this is my proxy, and I say, okay, hey, the entire web traffic which is coming from the browser or mobile or anything, the traffic will go through this particular proxy guy. So this proxy will behave like an interceptor for me. So this proxy will intercept whatever request is coming from the client; I'll send the request to the interceptor and the interceptor will modify this. Let's say instead of hundred dollars for a particular item I just want to change it, I want to change the username/password, or I want to modify whatever request payload I'm sending; I want to add some more attribute in it, I want to delete some attribute in the request payload, and then I'm sending it to the server. For example, let's say I'm calling one API from the client side and then here I'm just deleting some important information, let's say pricing information, I'm deleting it or modifying the pricing information, or let's say deleting the tax pricing information at the interceptor level, and then I'm sending this request to the server, and then I really want to know how exactly this server is actually behaving: is it really giving you the right output, or giving you the error or something? If it was giving you the right output, let's say for example one Nike t-shirt is around 100 and you're sending the request to the interceptor, and through the interceptor you are changing it to, let's say, 10, and you are again sending the request to the server, and then if you are able to purchase that item within 10 dollars, it means there is a bug in the application, a security bug in your application. It means there is a security problem at the server side, not at the client side, because let's say someone, maybe a hacker or, you know, unwanted requests are coming to this particular server directly, and anyone can change the request and then they can manipulate the data and then the server will respond back, and then it means there's a big security hole or issue in your application. So this is just a simple example that I want to say, that this guy will behave like an interceptor for me. I mean, not this one, this is just my mic.

So I'll show you how exactly we can download Burp Suite, and then we'll create a proxy like this between the client and server, and then through this proxy we will try to manage the traffic of the application, and then we will try to intercept, try to manipulate the data, sending it to the server over here and again back to this guy. Let's see how exactly we can do that. So how to install Burp Suite: you simply go to, let's say, a Safari browser or any browser, you can go there and then you simply write "download", and Burp Suite is actually provided by this company PortSwigger, portswigger.net. So this is the official application. And what you can do with the products: see, here you can just enter the email id, no need to go to product, just simply enter your email id and then you can download it. Email id over here, and then you simply paste it and then download. So when you download this particular proxy it will ask you for which operating system. So they support everything: they support Windows, Mac, Mac for the ARM chip, and then Linux, and in fact you can download it in the form of a jar file also. I'm going to use it for Mac; if you're using a Windows machine you can use it for Windows. I'm having the Mac Intel machine, so I'm going to use Mac, and then simply click on download. When you click on download it's around 223 MB. Let's see, this dmg file is already available, so I'm not going to, you know, download it completely, it's already available in my Downloads folder. So I'll just simply go to my Downloads folder and see, this dmg file is already available here, and you just need to open this dmg and let's install this particular PortSwigger Burp Suite. What you can do, you can drag it to Applications. Same thing in your Windows machine also, you just simply double click on it, a normal .exe file that you need to install.

So I'm going to install it now. Okay, and after that you can see this is the community edition that we have to download. Community edition is a free version, you don't need to pay anything for it. It's having its own licensed version also; if you really want to use it you can use the licensed version also, but you have to pay the license for that, generally used for commercial purposes and for the security testing team, people use it for that. Here it will ask you, the first thing is "welcome to Burp Suite community edition, what kind of project do you want to create?" So see, this "new project on disk" and "open existing project". Right now we don't have any project, and "new project on disk" is actually available for the paid version and not for the, I mean, not for the commercial version. So simply select the temporary project and you click on next. After that, "use Burp defaults", let it be like this, and you simply start Burp Suite, and here you can see that Burp Suite is getting started and it will create one simple project for you. So this is the Burp Suite UI, guys, you can see that. I cannot maximize it, but just try to see it like this, okay. There are multiple options. First of all you can see the name is Burp Suite Community Edition: Target, Proxy, Intruder, Repeater, a lot of things are available over here, and a lot of advanced features are available in the paid version also. If you really want to get expertise on this tool you can just take that, and if you really want to go with that you can just try with Intruder, Repeater and all such things. I'll tell you a couple of things over here. The proxy is the most important thing. This proxy, as I told you, it will behave like an interceptor for me, so here you have an option that intercept is off and on. Intruder is another tool, I would say, available in Burp Suite. Intruder, what exactly it will do: it will try to change the logic, or it will try to change, let's say, the username/password or any fuzzy logic that you have written, it will try to change it, whatever the logic is coming from the client side, and then it will try to change it, give it to the server, and again the server responds back to the client, and then you really want to see how exactly the server is responding back in that way. Repeater is again just if you really want to change the request payload or any request that you are sending, and then you really want to modify the data while sending the request, and then you can send it to the server, and then you can do it bidirectionally also: same thing, whatever the response is coming from the server side and going back to the client side, that also we can change with the help of Repeater. Then we have Decoder to decode the, you know, URL and all other things, or any other decompression or any other URL or maybe some HTML or any queries that you really want to decode, that also you can do. Comparer is used for, you know, comparing two requests, that also you can do. Logger is for the logging, and then there are other projects also available over here. Extender generally is used to modify the data in the form of, if you really want to add some additional applications or something like that, for that purpose you can use it. So we are not going to talk about all these things today; we are going to talk about only the proxy thing, that is more than enough for you guys.

What you have to do, as I told you, Burp Suite is like a proxy, and so we have to configure this proxy and we really want to divert the entire traffic. Whatever traffic you have, the client is not sending this, you know, request to the server directly; it has to go through this particular proxy. So we have to configure this proxy on my system. Let's see, this proxy is running on port number 8080. So what we have to do here, we have to go to the Options tab here and simply say, okay, this is localhost, 8080 port number, and just let it be like that. So this is the proxy listener; it means the proxy will listen to the requests from the client side over port number 8080, and the same configuration we have to do in my Firefox or whatever browser you are using. So I'll do one thing, I'll go to my Firefox and I simply go to my Preferences over here, go to the end, and then you have to go to the Network Settings, just like we do it in JMeter, if you remember, because JMeter also behaves like a proxy in between. So by default it's "No proxy"; here we have to select the manual proxy configuration and the same thing, localhost, port number 8080 you have to define, because this is where, on port number 8080 on localhost, we have configured Burp Suite as well. Okay, click on OK. After that, if you really want to, you can restart your Firefox; better to restart your Firefox also. So let me do one thing, let me just quit Firefox and let me open it again. So I'm just going to open my Firefox once again after setting the proxy. You don't need to close Burp Suite, just let it be like that, okay. And Burp Suite is here, here you can see that, and I'll do one thing, I can just simply restore the previous session as well, let it be like that. Perfect.

Now another thing is that you have to download one certificate also. You have to tell it, whatever application you are using; so we are going to use the same portswigger.net, they will give you one dummy application also just to check, to perform the security testing, how exactly the scenario you can generate over here. So what you just need to do here is that you have to download one certificate. So that certificate you will be getting over here: you simply go to http://burpsuite, so I'll just copy this, go to my browser once again and then Ctrl+V and then Enter, and here you can see CA certificate here. So you have to download the CA certificate; see, the cacert.der file is available, which is available in my Downloads folder. And then after that what do you have to do, you have to open your Firefox Preferences once again, and under Firefox Preferences you go to Privacy and Security, and under Privacy and Security you have to just slightly scroll down and go to the Security section over here and click on View Certificates. So there are by default many certificates already available, see this over here. Go to the Authorities tab and then you can see multiple certificates are already available; you don't need to change anything here. Simply go to Import and then select that certificate file that you have actually downloaded. So I'm just going to click on Import, go to my Downloads, and this is the certificate .der file that I have used, and click on OK. The certificate is already installed as a certificate authority, okay, because I'm already having this certificate in my system; in your case you just simply add it and after that click on OK. OK, after that, that's perfectly fine; if you really want to restart your Firefox you can just do that as well.

Now what you have to do here is that you have to go to your Burp Suite. In Burp Suite you simply go to Dashboard once again, and in the Dashboard you go to Proxy, see this is the Proxy, and under Proxy you go to the Intercept section over here, can you see, Intercept, and right now the intercept is off. It means the proxy you have set up, but the proxy intercept option is disabled right now, it's not on, okay. So I'll do one thing, I'll just show you one scenario first of all: I have an application, this is the application URL, you just copy this. So I'm just going to copy this and then I'm going to use it over here, so let me just open a new tab and then it will be entered. When you open that the first time, here you can see that you have to log into this application, or you simply click on "Access the lab" over here, okay. So simply click on "Access the lab" and then it will ask you to create your own username/password. So what you have to do, you have to click on "Create account". So let me create a simple account over here. So I'm going to click on this; what is the email address that I'm going to use? See, it's registering your email id, so let's wait for a few seconds. So here you can see that the complete registration email is there, and then I'm going to open this and it's saying "thank you for requesting to register with our website, click on Complete registration". After that you just need to enter your name, so let's say I'm entering my name, Naveen, and click on Register, and this is your password, guys, remember. So just simply copy this password and use it in your notepad file somewhere over here. So I'll do one thing, this is my password for this application; I'm talking about this PortSwigger portal. And then after that you can just simply log into your account: so go to "Login to your account", and when you log into your account you just do one thing, enter the email id that you have actually used and the password that you have generated, and after that click on Login. I'm going to save my email id and password, and then you can see this is your account details, okay. If you really want to change the password later on you can change it, so let it be like that, okay.

So once you log in, after that what you have to do here, once again you have to launch this application that I told you, and then I go back to my Firefox and open a new tab, Ctrl+V and then Enter. After that you can see that we have already logged in, and now we have to click on "Access the lab". So click on "Access the lab". So guys, first of all you have to use portswigger.com, I mean .net; here you have to create your account with your email id and the password it will generate, and then after that you have to log in, click on this, and then this is a shopping application you will get over here. Now this is a separate application, available hosted on this application only, and this application is also having its own dummy username and password. After that you have to log into this application, this We Like To Shop application, or simply the Web Security Academy application is there. Click on "My account". When you click on "My account", see, it's asking what is the username/password. The username/password is not your... use that email id/password that you have actually created, Ctrl+V, and then the password is "peter", everything in small letters. I'll share all these details in the description, don't worry about that. And then I don't want to save it. Paste your email id here and update the email, okay, now everything is fine.

After that, what you simply have to do: simply click on Home, and after clicking on Home you can do any shopping here. So right now you have, let's see, hundred dollars as credit, and let's say I really want to buy something here, for example, let's see, this leather jacket which is around 1337 dollars, and I simply click on "View details". When you click on "View details", see the price over here. I try to modify this price through my interceptor, through Burp Suite. What I have to do here is simply select, let's say, one and "Add to cart". So before clicking on "Add to cart", because the moment I click on "Add to cart" I'm calling the server, and then, let's say, quantity is equal to one and the price equal to something like this will be sent to the server, but in between I'll send the request to the proxy, and the proxy is what, the Burp Suite that you are having. So now I'll make my intercept on; actually, see, I'm just going to make intercept on, okay. Now this intercept is active, and what you have to do, you simply click on "Add to cart". When you click on "Add to cart", the request will be sent not to the server; see, the page is still loading, here you can see that it's not submitting the page, actually the request will be sent over here, and this is the request, can you see that? The request URL is this over here, and you can see that it's a kind of API call that we are using, and it's saying that productId is equal to one, this is the product, quantity is equal to one, can you see that, this is my quantity over here, and this is the price that you are sending. So whatever price we are sending, this price is 1337.00, and here you can see the same price over here, right? Now what exactly I'm going to do, I just want to change the price; so let's say making the price around 20, that's it, or 10 or 20, whatever you want to make it, okay. It means I'm just sending 20 cents instead of one three three seven dollars, and then I'm sending the request. So what exactly I'm gonna do, I'm going to click on Forward. Forward means intercept is on, intercept already captured the request from here, and now the request is actually not given to the server; intercept has actually captured this information, I'm trying to modify the data in between, and now I'm going to forward this modified data, or manipulated data, to the server. So I'm just going to click on Forward now. When you click on Forward, after that you just try to make intercept off over here, and the moment you make it off, immediately what will happen, the request has been sent, and here you can see the page got updated and you can see one product got added to your cart. And you go to the cart and just try to see, it is only 0.20, twenty cents, zero point two zero dollars that we have added, and then I just want to place the order. So the actual price of this jacket is around one three three zero something, and then I'm just making the payment of zero point two zero, that's it, only point two zero dollars, and I'm just making the order here. Once you place the order, it's saying that the order is on its way, and how much you spend: the actual price of this product is around 1337 and you spend only 0.20.

So this is the big issue, the security issue of this application, is that you are actually on the fly trying to modify the data, and then the server is actually performing the request and you are able to place the order over here. So when you see that, yeah, the order has been placed. So this is just a dummy application, guys; the same thing you can do in your actual applications also, you can modify the data, you can modify your account details or pricing or username or password or any fishy things that you really want to introduce and send it to the server; through that you can just do it over here, changing the price and manipulating the pricing data, and then you are forwarding the data to the server. So make sure that, okay, you have to make intercept on first, and then change the data, and then click on Forward, and then after that make intercept off. The moment you make intercept off, immediately it will raise the request to the server, and then the request has been submitted to the server, and the server is saying "okay fine, the order is on its way, congratulations, you solved the lab", and it's done. So this is the big security issue for this application, right? So this is Burp Suite, where you can just manipulate the data and then you can check how exactly the things are happening in between, and then the same thing you can do vice versa also: whatever response you are getting from the server side, that also you can modify, and then you can just get it over here, okay, to the client side, and then let's see how exactly the client is getting it. So this is a simple example you can try, and then you can just check exactly the same thing in your web application also: just try to manipulate some data and then send it to the server and then check how exactly my server is behaving or not, especially in e-commerce applications, food delivery apps or any kind of application where you're just playing with the data with respect to pricing or taxes or, um, like that, okay.

So that's all for this particular video, guys. I hope you liked it. Please subscribe to the channel. If you have any questions with respect to Burp Suite, try to ask; I'll definitely try to take some questions in the comment section, and I'll try to create more videos on Burp Suite in future with respect to Intruder, Extender, Decoder, Comparer and Repeater, and more proxy configurations that are available in Burp Suite; definitely we will try to see those things as well. Thank you so much, I'll see you in the next video, till then take care and God bless you all.
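The video's conclusion is that the bug sits on the server, not the client: the add-to-cart handler believes the `price` field the browser sends. The block below is an added example, not code from the video or from PortSwigger's lab, showing that point in working code. It parses the form-encoded body described in the video (`productId`, `quantity`, `price`), puts a handler that trusts the client price beside one that takes the price from the server's own catalog and only lets the client choose what and how many, and adds a detection check that flags any request whose submitted price disagrees with the catalog. The catalog, the product names and the sample bodies are constructed here; the function names are assumptions.

```python
from decimal import Decimal, InvalidOperation
from typing import Optional
from urllib.parse import parse_qs

# Constructed stand-in for the server's product database (not the lab's real data).
CATALOG = {
    "1": {"name": "Leather jacket", "price": Decimal("1337.00")},
    "2": {"name": "T-shirt", "price": Decimal("100.00")},
}

# Constructed bodies: the honest one the browser submits, and the one after
# the price was edited in the proxy, as in the video.
HONEST_BODY = "productId=1&quantity=1&price=1337.00"
TAMPERED_BODY = "productId=1&quantity=1&price=0.20"


def parse_add_to_cart(body: str) -> dict:
    """Parse an application/x-www-form-urlencoded body into a flat dict
    (first value per key)."""
    fields = parse_qs(body, keep_blank_values=True)
    return {key: values[0] for key, values in fields.items()}


def add_to_cart_vulnerable(body: str, cart: list) -> Decimal:
    """The pattern the lab demonstrates: the line total is computed from the
    client-supplied price, so whatever was forwarded from the proxy is charged."""
    fields = parse_add_to_cart(body)
    quantity = int(fields["quantity"])
    line_total = Decimal(fields["price"]) * quantity
    cart.append({"productId": fields["productId"], "quantity": quantity,
                 "total": line_total})
    return line_total


def add_to_cart_hardened(body: str, cart: list) -> Decimal:
    """The fix: the client may pick a product and a quantity; the price is
    looked up server-side and any submitted price field is ignored."""
    fields = parse_add_to_cart(body)
    product = CATALOG.get(fields.get("productId", ""))
    if product is None:
        raise ValueError("unknown product")
    try:
        quantity = int(fields.get("quantity", "0"))
    except ValueError:
        raise ValueError("quantity is not an integer")
    if not 1 <= quantity <= 100:
        raise ValueError("quantity out of range")
    line_total = product["price"] * quantity
    cart.append({"productId": fields["productId"], "quantity": quantity,
                 "total": line_total})
    return line_total


def price_tamper_alert(body: str) -> Optional[str]:
    """Detection: a legitimate browser never submits a price other than the one
    it was shown, so a mismatch with the catalog is worth logging and alerting on."""
    fields = parse_add_to_cart(body)
    product = CATALOG.get(fields.get("productId", ""))
    if product is None or "price" not in fields:
        return None
    try:
        sent = Decimal(fields["price"])
    except InvalidOperation:
        return f"price tamper: productId={fields['productId']} unparseable price {fields['price']!r}"
    if sent != product["price"]:
        return (f"price tamper: productId={fields['productId']} "
                f"sent={sent} expected={product['price']}")
    return None


if __name__ == "__main__":
    vulnerable_cart, hardened_cart = [], []
    print("vulnerable charges:", add_to_cart_vulnerable(TAMPERED_BODY, vulnerable_cart))
    print("hardened charges:  ", add_to_cart_hardened(TAMPERED_BODY, hardened_cart))
    print("alert:", price_tamper_alert(TAMPERED_BODY))
```

With the tampered body the vulnerable handler charges 0.20 and the hardened one 1337.00, and the alert function reports the mismatch; with the honest body it returns `None`. The important design choice is that the hardened handler does not validate the submitted price against the catalog and then use it: it never reads it at all, so there is no client-controlled value left to trust.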
Info
Channel: Naveen AutomationLabs
Views: 29,871
Keywords: Security Testing with BurpSuite, burp suite, burpsuite pro cracked for kali linux, burp suite tutorial, burp suite demo, security testing tutorial for beginners, security testing in software testing, security testing tools for web applications, security testing using burp suite, owasp zap, owasp zap tutorial, how to install burp suite on windows, how to install burp suite in kali linux, how to install burp suite in ubuntu
Id: lBOAEDQWO9o
Length: 20min 35sec (1235 seconds)
Published: Mon Jul 25 2022