Burp Suite: Difference between revisions
From charlesreid1
Revision as of 20:41, 2 March 2022
Installing
Mac
Use the Mac installer provided by portswigger: https://portswigger.net/burp/communitydownload
Debian Linux
Dependencies
The jarwrapper library is required to install burpsuite:
sudo apt-get install jarwrapper
Installing burpsuite with KaliTools
Use KaliTools to install burpsuite on a non-Kali machine:
cd kali-tools
python3 kali.py burpsuite
cd dist/burpsuite
dpkg-buildpackage -us -uc -b
cd ../
sudo dpkg -i burpsuite_1.7.30-0kali1_all.deb
sudo apt-get upgrade burpsuite
Incompatible JRE
Ran into a problem with the Burp Suite community edition:
"Your JRE appears to be version 11.0.14 from Debian. Burp has not been fully tested on this platform and you may experience problems."
I used aptitude to install the openjdk-11-jre package, and that's the package causing the above error. It seemed like it should have been working fine. I tried upgrading jarwrapper, and that did the trick:
sudo apt-get -y upgrade jarwrapper
Usage
Proxy
Intercepting Traffic
One basic use of Burp is intercepting traffic.
To do this, go to Proxy > Intercept. You can open the Chromium browser included with Burp, which will use the Burp proxy.
When you open the browser, it will not intercept traffic by default; you have to click "Intercept Off" to switch it to "Intercept On".
Once you do that, you'll see each request come up as it is happening in the browser, and you can Forward the request or Drop it.
You will see all requests that are made as part of loading a page, so if there are multiple API calls being made, you'll see each one as a separate request.
Modifying Traffic
The content of requests can also be modified before the request is forwarded.
The first Burpsuite tutorial [1] on intercepting traffic demonstrates how this can be used to exploit a vulnerable e-commerce shopping site.
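What request modification means for the server side, as an added example that is not part of the original page or the PortSwigger tutorial: any field the browser sends can be edited in the proxy before it is forwarded, so the server has to recompute or validate it. The catalog, field names and handlers are hypothetical, and the client-supplied price field is an assumed scenario.

```python
# Added example (not from the original page): why a request edited in an
# intercepting proxy must be re-validated server-side.
# CATALOG, the field names and all three functions are hypothetical.
from decimal import Decimal

# Server-side source of truth for prices (constructed sample data).
CATALOG = {"sku-1001": Decimal("1337.00"), "sku-1002": Decimal("19.99")}


def checkout_trusting(form: dict) -> Decimal:
    """Weak handler: charges whatever price the request carries."""
    return Decimal(form["price"]) * int(form["quantity"])


def checkout_validated(form: dict) -> Decimal:
    """Hardened handler: ignores any client-sent price, validates the rest."""
    sku = form.get("productId")
    if sku not in CATALOG:
        raise ValueError("unknown product")
    try:
        quantity = int(form.get("quantity", ""))
    except ValueError:
        raise ValueError("quantity must be an integer") from None
    if not 1 <= quantity <= 100:
        raise ValueError("quantity out of range")
    return CATALOG[sku] * quantity


def price_was_altered(form: dict) -> bool:
    """Detection hook: True when a submitted price disagrees with the catalog."""
    sku = form.get("productId")
    if sku not in CATALOG or "price" not in form:
        return False
    try:
        return Decimal(form["price"]) != CATALOG[sku]
    except ArithmeticError:  # decimal.InvalidOperation on non-numeric input
        return True


# Constructed form bodies: as the browser built it, and after editing in transit.
ORIGINAL = {"productId": "sku-1001", "quantity": "1", "price": "1337.00"}
EDITED = {"productId": "sku-1001", "quantity": "1", "price": "0.01"}

if __name__ == "__main__":
    print("trusting :", checkout_trusting(EDITED))
    print("validated:", checkout_validated(EDITED))
    print("altered? :", price_was_altered(EDITED))
```

Logging the cases where `price_was_altered` returns True gives the application a record of tampered requests even though the hardened handler already ignores the field.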
Links
Official Tutorials
Tutorial 1: intercepting HTTP traffic: https://portswigger.net/burp/documentation/desktop/getting-started/intercepting-http-traffic
- Burp Proxy lets you intercept HTTP requests and responses sent between your browser and the target server
- Enables studying behavior of websites when different requests are sent
- Open Burpsuite and go to Proxy > Intercept
- Click Open Browser, which opens a built-in, embedded browser
- Can browse without intercept turned on, normal experience
- Turning on intercept will show each request, give the option to forward or drop
- Proxy also records a history of each request
- Burp Proxy also lets you modify HTTP requests
- (Tutorial requires setting up an account on portswigger and using an example vulnerable website)
- Basically you can just edit the request when you see it, before you click Forward or Drop
Tutorial 2: Using Repeater to send repeated requests: https://portswigger.net/burp/documentation/desktop/tutorials/resending-individual-requests
Tutorial 3:
Tutorial 4:
Flags