Social Icons

Showing posts with label http. Show all posts
Showing posts with label http. Show all posts

Thursday, October 01, 2015

Burp Suite : Configuring the browser and redirecting traffic

1.   Vide my last post about installing Burp Suite here ,now I move ahead to configure your browser in order to redirect all HTTP/S requests through Burp Proxy, instead of the actual target website. In my case here I am configuring a Mozilla Browser with proxy host address to 127.0.0.1 and the proxy port to 8080 , for both HTTP and HTTPS.The typical configuring of browsers is more or less common with major browsers with minor differences in interfaces.Here next I place you screen shots as I surfed a redirected traffic both for http and https via Burp Suite.First steps to configure Mozilla followed by screen shots :

Configuring Mozilla Firefox

- Click Firefox menu and then Preferences.
- In the Advanced options, under the Network tab, click on connection Settings.
- Select Manual proxy configuration.
- Enter the proxy host address as 127.0.0.1 and the proxy port as 8080.
- Select Use this proxy server for all protocols.
- Make sure to remove all exceptions from the No Proxy for field.
- Click OK and close.


2.   So now you have a working installation of Burp Suite and your browser is properly configured to intercept all requests.Now to test go to the browser, enter any http://www.****** site in the address bar and press Enter . If all is well, Burp Proxy should intercept this request. In Burp Suite,go to the Proxy and Intercept tab and verify that the web request is waiting for your approval.Ensure tha the Intercept on button is enabled; click on it and allow the request to transit through Burp by pressing Forward in Burp Suite Interface. Now in the browser, you should see the http page you entered in address bar.

Now try a https site and you are bound to see this warning as seen below in the screenshot.You will be presented with a This Connection is Untrusted page.In such a case, you are required to manually approve the connection by clicking on I Understand The Risks, then Add Exceptions... and Confirm Security Exception. To make sure that Burp Proxy is actually causing the warning, you click on the certificate status View... and see that the certificate belongs to PortSwigger CA as seen below in one screenshot.

 PortSwigger CA certificate


This setup means that Burp Suite is now ready for use as the traffic is being redirected as desired as per configuration....

Monday, September 28, 2015

Burp Suite : Integrated platform for Web Application Security

1.   Burp Suite is an excellent easy-to-use integrated platform for web application security that includes multiple tools seamlessly integrated to test every component and aspect of modern web applications. Whether you need to verify the robustness of your authentication mechanism, the predictability of your session tokens, or the input validation checkpoints present in your application, Burp is often compared to Swiss-army knife for security practitioners since it offers a horde of features . Not only does it allow in-depth manual assessments, but it also combines automated techniques to enumerate and analyze web application resources.Burp has been developed by PortSwigger Ltd. and is available in two editions:

- Burp Free
- Burp Professional

In-fact,the free version is perfect to start for beginners as it contains all the basic tools to find at least few first vulnerabilities.In its simplest way to explain, Burp is a local web proxy that allows to intercept, inspect, and modify HTTP/S requests and responses between the user's browser and the target website. While the user navigates through the web application, the tool acquires details on all visited pages, scripts,parameters, and other components. The traffic between the browser and the server can be eventually visualized, analyzed, modified, and repeated multiple times. The different tools included in Burp Suite can be easily distinguished by the upper tabs:

- Proxy: It allows to intercept and modify all web traffic.
- Target: This tool allows to aggregate all web application resources, thus guiding the user throughout the security test.
- Scanner: A complete web application security scanner, available in the Professional version only.
- Intruder: Burp Intruder allows to customize and automate web requests. 
- Spider: Automatic crawler that can be used to discover new pages and parameters.
- Sequencer: Used for verifying the randomness and predictability of security tokens, cookies, and more.
- Decoder: It allows to encode and decode data using multiple encoding schemes 
- Comparer: A visual diff tool that can be used to detect changes between web pages.
- Repeater: A simple yet powerful tool that can be used to manually modify and re-issue web requests.

How to go about Installation ?


- A minimum disk space of at least 200 MB is required.
- Required memory is at least 1 GB
- Burp Suite works on Windows, Mac OS X, and Linux
- Software components: An updated Oracle Java Runtime Environment is required to run Burp Suite. 

Downloading Burp Suite from ?



In the download folder where typically this file gets downloaded,create a burpsuite folder and mov this file to this folder for executing.

Launching Burp Suite in Linux


At the terminal type the following inside the pwd as the new burpsuite folder u created above :

java -Xmx2g -jar burpsuite_v1.4.01.jar



Friday, February 27, 2015

Configuring Burp suite with Iceweasel

1.   Burp Suite is an integrated platform for attacking web applications. It contains a variety of tools with numerous interfaces between them designed to facilitate and speed up the process of attacking an application. All of the tools share the same framework for handling and displaying HTTP messages, persistence, authentication, proxies, logging, alerting and extensibility. There are two versions available including a free version and also Burp Suite Professional.It is a Java application that can be used to secure or penetrate web applications.The suite consists of different tools, such as a proxy server, a web spider, intruder and repeater.BurpSuite allow us to forward all of the web traffic from your browser through BurpSuite so that you can see each HTTP Request and Response and manipulate it to your heart’s content. This post will configure burp suite with Iceweasel in Kali Linux .

2.   Open Internet - Iceweasel Web Browser

3.   Click on Edit then Preferences

4.   Preference Window will be open Now go to AdvanceNetworkSetting
5.   Select Manual Proxy then set 127.0.0.1 in HTTP Proxy area and port should be 8080. Use this proxy server for all protocols by checking the box. Clear the No Proxy field then Finally Click OK.
6.   Now open burp suite Application → Kali LinuxTop 10 Security ToolsBurpsuite
7.   You get to see the following screen
8.    After Burp Suit is opened,Click on Proxy Tab then Click on Option Subtab and watch carefully local host interface running box should be check in Proxy Listeners.
9.    Scroll down in the same tab (Proxy Tab → Option subtab) 

Intercept Client Requests

    → Select URL Match type and keep Clicking UP button till URL Match type reach at the top.

    → Check Box 'Intercept requests based on the following rules.

Now select 'File Extension' and click on Edit.Edit Window will be open. Here we will add 'jpeg' file extension. You can add or remove file extension as per your need. So, Write code and click on OK.



10.  We will Add file extension match type according to below details:
      Boolean Operator : And
      Match type : File Extension
      Match relationship : Does not match
      Match condition: (^gif$|^jpg$|^png$|^css$|^js$|^ico$|^jpeg$)
11.  Select 'File extension'  and keep Clicking UP button till 'File extension' reach at the 2nd top.
12.   Now Open Iceweasel and type www.google.com in the web address area....and u r ON if all set right

Source of help : http://knoxd3.blogspot.in/2014/05/how-to-configure-burp-suite-with.html

Tuesday, August 26, 2014

WEBSHAG : Scan a Web server@Kali Linux

1.    The name of this tool is such that a layman might start pondering some other thoughts :-)..Webshag ... is actually a multi-threaded, multi-platform web server audit tool  that's coded in Python and gathers useful common functionality for web server auditing like website crawling, URL scanning and file fuzzing.This can be used to scan a web server in HTTP or HTTPS, through a proxy and using HTTP authentication. In addition to that it proposes innovative IDS evasion functionalities aimed at making correlation between request more complicated. It also provides innovative functionalities like the capability of retrieving the list of domain names hosted on a target machine and file fuzzing using dynamically generated filenames (in addition to common list-based fuzzing).This post gives out a stepped screenshot on how to use it in Kali Linux for auditing a website.







The post shows the screen-shots for a Webshag version 1.10....that's the latest as on date...like always I have...this tool is too an opensource tool with a great functionality.....

Sunday, November 27, 2011

COOKIES & TYPES ?

1. How often we blame it on cookies for tracking,invading our privacy.......but whats these cookies all about?How many types exist?Are all of them dangerous?What can I do to avoid them? All answers ahead in my posts ahead....

2. A cookie, also known as an HTTP cookie, web cookie, or browser cookie, is used for an origin website to send state information to a user's browser and for the browser to return the state information to the origin site.The state information can be used for authentication, identification of a user session, user's preferences, shopping cart contents,or anything else that can be accomplished through storing text data.Cookies are not software.They cannot be programmed, cannot carry viruses, and cannot install malware on the host computer .

SESSION COOKIE

A session cookie only lasts for the duration of users using the website. A web browser normally deletes session cookies when it quits. A session cookie is created when no Expires directive is provided when the cookie is created.

PERSISTENT COOKIE

A persistent cookie will outlast user sessions. If a persistent cookie has its Max-Age set to 1 year, then, within the year, the initial value set in that cookie would be sent back to the server every time the user visited the server. This could be used to record a vital piece of information such as how the user initially came to this website. For this reason, persistent cookies are also called tracking cookies or in-memory cookies.

SECURE COOKIE

A secure cookie is only used when a browser is visiting a server via HTTPS, ensuring that the cookie is always encrypted when transmitting from client to server. This makes the cookie less likely to be exposed to cookie theft via
eavesdropping.

HTTP ONLY COOKIE

The Http Only session cookie is supported by most modern browsers.On a supported browser, an Http Only session cookie will be used only when transmitting HTTP (or HTTPS) requests, thus restricting access from other, non-HTTP APIs (such as JavaScript). 

FIRST PARTY COOKIES 

A first-party cookie either originates on or is sent to the Web site you are currently viewing. These cookies are commonly used to store information, such as your preferences when visiting that site.

THIRD PARTY COOKIES

Third-party cookies are cookies being set with different domains than the one shown on the address bar.For example: Suppose a user visits www.example1.com, which sets a cookie with the domain ad.foxytracking.com. When the user later visits www.example2.com, another cookie is set with the domain ad.foxytracking.com. Eventually, both of these cookies will be sent to the advertiser when loading their ads or visiting their website. The advertiser can then use these cookies to build up a browsing history of the user across all the websites this advertiser has footprints on.

ZOMBIE COOKIE

A zombie cookie is any cookie that is automatically recreated after a user has deleted it. 

TEMPORARY / SESSION COOKIES

A temporary or session cookie is stored only for your current browsing session, and is deleted from your computer when you close your browser.

UNSATISFACTORY COOKIES

Unsatisfactory cookies are cookies that might allow access to personally identifiable information that could be used for a secondary purpose without your consent.

Powered By Blogger