
How to use Burp Suite Part I (Burp Suite Target Tab)


Topic - In this article we will learn about Burp Suite's Target tab. You will see why the Target tab is the most important part of Burp Suite.
Requirements:
B. Firefox or Iceweasel
C. Burp Suite (we are using the Free version)

1. Each time you want to use Mutillidae on your system, you have to start the MySQL and Apache servers.
Open Terminal
    a. Type service mysql start and press Enter
    b. Type service apache2 start and press Enter
Both servers have now been started, and you can open Mutillidae without any issue.
Before opening Mutillidae, let's start Burp Suite. In Terminal, type burpsuite.jar and press Enter.


2. Burp Suite has now started. First of all, turn off intercept. We will discuss it later, because this article covers only the Target tab.

3. Open your Internet browser and browse to Mutillidae as per your setup. If you installed and configured Mutillidae according to my article, type 127.0.0.1/mutillidae in the browser address bar and load it. You will soon see the Mutillidae screen.

4. Target tab contains detailed information about your target applications, and lets you drive the process of testing for vulnerabilities.
Site Map Sub-tab
    A. The site map contains all of the URLs you have visited in your browser, and also all of the content that Burp has inferred from responses to your requests. Items that have been requested are shown in black, and other items are shown in gray. You can expand branches in the tree, select individual items, and view the full requests and responses. The tree view contains a hierarchical representation of content, with URLs broken down into domains, directories, files, and parameterized requests. You can expand interesting branches to see further detail. If you select one or more parts of the tree, all the selected items and items in child branches are shown in the table view.
      B. The table view shows key details about each item (URL, HTTP status code, page title, etc.).
      C. Request and Response Pane

5. If you select an item in the table, the request and response for that item are shown in the request/response pane.
Request Tab
      Raw – You can see the host, user agent, server, cookies, etc.

6. Request Tab
      Params – As you can see, it shows cookies.

7. Request Tab
      Headers – This looks like the raw details but is well organized. It shows the header details.

8. Request Tab
      Hex – It shows details such as host, user, etc. in hex code.

9. Response Tab
      Raw – This is what the server is responding with; the Raw sub-tab shows server details etc. If you scroll down you will notice that HTML code is there, but leave it for now because a separate HTML sub-tab is provided.

10. Response Tab
      Headers – Organized details of the server's response.

11. Response Tab
      Hex – Details in hex.

12. Response Tab
      HTML – In this section we can see the HTML code of the response.

13. Response Tab
      Render – Render shows the actual view of the site, exactly how it looks.

14. Scope Sub-tab - The scope configuration tells Burp the items that you are currently interested in and willing to attack. The scope definition uses two lists of URL-matching rules - an "include" list and an "exclude" list. When Burp evaluates a URL to decide if it is within the target scope, it will be deemed to be in scope if the URL matches at least one "include" rule and does not match any "exclude" rules. This enables you to define specific hosts and directories as being generally within scope, and yet exclude from that scope specific subdirectories or files (such as logout or administrative functions). You can add or edit rules on the "include" and "exclude" lists using the URL-matching rule editor.
Each URL-matching rule can specify various features of the URLs that will be matched. For a URL to match the rule, it must match all of the features that are specified by the rule. The following items can be configured:
Protocol - This specifies the protocol(s) that the rule will match. Available options are: HTTP, HTTPS, or any.
Host or IP range - This specifies the host(s) that the rule will match. You can enter a regular expression to match the hostname, or an IP range in various standard formats, for example 10.1.1.1/24 or 10.1.1-20.1-127. If the host field is left blank, then the rule can match URLs containing any host.
Port - This specifies the port(s) that the rule will match. You can enter a regular expression to match one or more port numbers. If the port field is left blank, then the rule can match URLs containing any port.
File - This specifies the file portion of the URL that the rule will match (ignoring any query string). You can enter a regular expression to match the required range of URL files. If the file field is left blank, then the rule can match URLs containing any file.
However, in most cases, by far the easiest way to define your target scope is via the site map. As you map out the target application via Burp Proxy, the application's content will appear in the site map. You can then select one or more hosts and folders, and use the context menu to include or exclude these from the scope. This process is extremely easy and in most situations will let you quickly define all of the rules necessary for your testing.
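The include/exclude evaluation described above, written out as an added Python example; it is not Burp Suite's own code and not part of the original article. The `Rule` class, the `in_scope` function, the sample rules and the sample URLs are constructed for illustration, and IP ranges are assumed to be given in CIDR form.

```python
import ipaddress
import re
from dataclasses import dataclass
from typing import Optional
from urllib.parse import urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}


@dataclass
class Rule:
    """One URL-matching rule. A field left as None (blank) matches anything."""
    protocol: str = "any"        # "http", "https" or "any"
    host: Optional[str] = None   # hostname regex, or an IP range in CIDR form
    port: Optional[str] = None   # regex on the port number
    file: Optional[str] = None   # regex on the path; query string is ignored

    def _host_matches(self, host: str) -> bool:
        if self.host is None:
            return True
        try:
            # Assumption: IP ranges are written in CIDR form, e.g. 10.1.1.1/24.
            network = ipaddress.ip_network(self.host, strict=False)
        except ValueError:
            return re.search(self.host, host, re.IGNORECASE) is not None
        try:
            return ipaddress.ip_address(host) in network
        except ValueError:
            return False         # rule is an IP range but the URL has a name

    def matches(self, url: str) -> bool:
        """A URL matches only if every feature the rule specifies matches."""
        parts = urlsplit(url)
        scheme = parts.scheme.lower()
        port = parts.port or DEFAULT_PORTS.get(scheme, 0)
        return (
            self.protocol in ("any", scheme)
            and self._host_matches(parts.hostname or "")
            and (self.port is None or re.search(self.port, str(port)) is not None)
            and (self.file is None or re.search(self.file, parts.path) is not None)
        )


def in_scope(url: str, include: list, exclude: list) -> bool:
    """In scope: at least one include rule matches and no exclude rule does."""
    return any(r.matches(url) for r in include) and not any(
        r.matches(url) for r in exclude
    )


# Constructed rules for the article's lab target at 127.0.0.1/mutillidae.
INCLUDE = [Rule(host=r"^127\.0\.0\.1$", file=r"^/mutillidae/")]
EXCLUDE = [Rule(host=r"^127\.0\.0\.1$", file=r"logout")]

if __name__ == "__main__":
    for url in (                                   # constructed sample URLs
        "http://127.0.0.1/mutillidae/index.php?page=home.php",
        "http://127.0.0.1/mutillidae/logout.php",
        "http://127.0.0.1/mutillidae/index.php?do=logout",  # query not seen
        "http://www.google.com/",
    ):
        print(in_scope(url, INCLUDE, EXCLUDE), url)
```

The third sample URL stays in scope because the File portion of a rule ignores the query string, so an exclude rule written against the file name does not cover a logout that is triggered by a query parameter.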

15. Context Menu - Displaying all of the information gathered about your target, the site map enables you to control and initiate specific attacks against the target, using the context menus that appear everywhere. The exact options that are available depend on the location where the context menu was invoked, and the type of item selected. The complete list of context menu actions is as follows:
Add to / remove from scope - These options create new target scope rules which add or remove the selected item from scope. The rule generated will apply to the selected item and all child branches in the tree. A common technique when testing an application that includes some sensitive URLs is to add the whole application path (domain or directory) to the target scope, and then select the sensitive items and exclude them from scope.
Spider this host - You can select a host or folder within the tree view, and perform actions on the entire branch of the tree, such as spidering.
Actively scan this host - [Pro version] Active scanning takes an individual request to the application, called the "base request", and modifies it in various ways designed to trigger behavior that indicates the presence of various vulnerabilities. These modified requests are sent to the application, and the resulting responses are analyzed. In many cases, further requests will be sent, based on the results of the initial probes. You should use this scanning mode with caution, only with the explicit permission of the application owner, and having warned them of the possible effects that automated scanning may have on the application and its data.
Passively scan this host - [Pro version] Passive scanning doesn't send any new requests to the application - it merely analyzes the contents of existing requests and responses, and deduces vulnerabilities from those. This mode of operation can be used safely and legally in any situation in which you are authorized to access the application.
Engagement tools - [Pro version] This submenu contains various useful functions for carrying out engagement-related tasks:
      Search - [Pro version] You can use the Search function to search the selected branches of the site map for items matching a specific expression.
      Find comments / scripts - [Pro version] You can use the Find comments / scripts functions to search the selected branches of the site map for comments and scripts.
      Find references - [Pro version] You can use the Find references function to search all of Burp's tools for HTTP responses that link to the selected item.
      Analyze target - [Pro version] You can use the Target Analyzer function to analyze the selected branches of the site map and tell you how many static and dynamic URLs it contains, and how many parameters each URL takes.
      Discover content - [Pro version] You can use the Discover content function to discover content and functionality that is not linked from visible content which you can browse to or spider.
      Schedule task - [Pro version] You can use the Schedule task function to create tasks that will run automatically at defined times and intervals.
      Simulate manual testing - [Pro version] The Manual testing simulator can be used to generate HTTP traffic that is similar to that caused by manual penetration testin
Compare site maps - You can use the Compare site maps function to identify differences between two site maps. This is a powerful feature that can be used for various purposes, in particular testing for access control vulnerabilities.
Expand / collapse branch / requested items - You can use these functions in the tree view to quickly expand whole branches of the tree, and collapse them after you have reviewed them.
Delete host - This function removes the selected item permanently. Since by default the site map displays all content that Burp has identified based on HTTP responses, the map will often include a large amount of third-party content that is linked to from the application you are interested in. You can deal with this either by configuring a suitable target scope and a display filter, or by manually removing irrelevant branches of the tree.
Copy URLs in the host - This function copies the URLs of the selected item to the clipboard.
Copy links in the host - This function parses the selected item for links, and copies these to the clipboard.
Save selected items - This function lets you specify a file to save the details of the selected items in XML format, including full requests and responses, and all relevant metadata such as response length, HTTP status code and MIME type.

16. Display filter - The site map has a display filter that can be used to hide some of its content from view, to make it easier to analyze and work on the content you are interested in.
Request type - You can show only in-scope items, only requested items, only requests with parameters, or you can hide not-found items.
MIME type - You can configure whether to show or hide responses containing various different MIME types, such as HTML, CSS, or images.
Status code - You can configure whether to show or hide responses with various HTTP status codes.
Folders - You can optionally hide empty folders in the tree view. This is useful to remove folders whose child items have all been hidden by other display filter attributes.
Search term - [Pro version] You can filter on whether or not responses contain a specified search term. You can configure whether the search term is a literal string or a regular expression, and whether it is case sensitive. If you select the "Negative search" option, then only items not matching the search term will be shown.
File extension - You can configure whether to show or hide items with specified file extensions.
Annotation - You can configure whether to show only items with user-supplied comments or highlights.
Note: If you set a filter to hide some items, these are not deleted, only hidden, and will reappear if you unset the relevant filter.

Airtel Night Store Offers Unlimited Plan and Data Pack

Airtel has launched Night Store for its prepaid customers. The Night Store includes various unlimited voice and data night packs between the price ranges of Rs. 7 to Rs. 49. All the packs in the Airtel Night Store are valid between 12 midnight and 6AM.

Rs. 7 - Unlimited Local Airtel to Airtel Calls
Rs. 8 - Unlimited 2G internet
Rs. 15 - Unlimited Local A2A Calls + Unlimited 2G
Rs. 29 - 500 MB 3G Data
Rs. 49 - 1GB 3G Data
Rs. 1 - Unlimited Facebook Access (3G speed up to 250 MB and throttling after that)

How to Activate Plan -
1. Open the Airtel official website, choose your circle and click on Select your Night Pack.

2. Choose your plan from the plan list and click on Active.

3. Enter your mobile number and email ID, then click on Proceed.

4. Click on Confirm.

5. Wait a second and you will get a One Time Password (OTP) on your mobile number. Enter your OTP, check the Terms & Conditions box, then click on Submit.
*The amount of the pack will be deducted from the main balance. This means you have to maintain sufficient balance on your mobile number to recharge from Airtel Night Store.

You can also activate these packs through USSD or IVR
USSD for activating Airtel Night Store Plans - *129#
IVR for activating Airtel Night Store Plans - 129

*****************Terms and Conditions****************

All Packs
  • Pack applicable between 12 AM to 6 AM valid for 1 night only. If pack is bought between 12 AM to 6 AM, benefits applicable for same night till 6 AM
  • Pack applicable for Airtel Prepaid customers only
  • Packs can be bought anytime during the day (24 hours) but can be consumed only between 12AM to 6AM
Rs 7 Local A2A Unlimited
  • Free local A2A calls applicable for Home circle only. Benefits do not apply while roaming.
  • Multiple recharges of this pack on same day are not allowed.
Rs 8 2G Unlimited
  • Mobile internet at 2G speeds between 12AM to 6 AM even if customer has any other 3G normal pack
  • 3G night store pack, 29/49, will take priority over 2G unlimited circles- (Only in 3G circles)
  • Multiple recharges of this pack on same day are not allowed.
Rs 9 Local A2A Unlimited + 2G Unlimited
  • Free local A2A calls applicable for Home circle only. Benefits do not apply while roaming.
  • Multiple recharges of this pack on same day are not allowed.
Rs 15 Local A2A Unlimited + 2G Unlimited
  • Free local A2A calls applicable for Home circle only. Benefits do not apply while roaming.
  • 3G night store pack, 29/49, will take priority over 2G unlimited circles- (Only in 3G circles)
  • Multiple recharges of this pack on same day are not allowed.
Rs 29/49 3G packs
  • None
Facebook Unlimited  Rs 1 – 2G Circles
  • Free benefit only for Facebook browsing. Any additional 3rd party content/videos etc. which redirect a customer to another 3rd party site will be chargeable
  • After 250MB Facebook data browsing speed 40kbps for all mobile internet usage till 6 AM.
  • Pack not applicable if customer has any other active Unlimited data pack
  • Pack will be available only post activating the Facebook pack on Night store and will not be given to all by default
  • Multiple recharges of this pack on same day are not allowed.
  • Facebook pack not applicable if customer already has an active unlimited 2G or 3G pack
Facebook Unlimited  Re 1 – 3G Circles
  • Free benefit only for Facebook browsing. Any additional 3rd party content/videos etc. which redirect a customer to another 3rd party site will be chargeable
  • After 250MB Facebook data browsing speed 40kbps for all mobile internet usage till 6 AM.
  • Till 250MB facebook data usage, 3G speed applicable for all other mobile internet usage
  • Pack not applicable if customer has any other active Unlimited data pack
  • Pack will be available only post activating the Facebook pack on Night store and will not be given to all by default
  • Multiple recharges of this pack on same day are not allowed.
  • Facebook pack not applicable if customer already has an active unlimited 2G or 3G pack


How to configure burp suite with firefox or Iceweasel


Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application's attack surface, through to finding and exploiting security vulnerabilities.
Burp Suite allows you to combine manual and automated techniques to enumerate, analyse, scan, attack and exploit web applications. The various Burp tools work together effectively to share information and allow findings identified within one tool to form the basis of an attack using another.
Burp Suite allows us to forward all of the web traffic from the browser through Burp Suite so that you can see each HTTP request and response and manipulate it to your heart's content. We will configure Burp Suite with Firefox or Iceweasel in Kali Linux or Backtrack.

1. Open Firefox or Iceweasel and click on Edit, then Preferences.

2. The Preferences window will open. Now go to Advanced → Network → Settings.


3. Select Manual Proxy, then enter localhost or 127.0.0.1 in the HTTP Proxy field; the port should be 8080. Check the box to use this proxy server for all protocols. Clear the No Proxy field, then click OK.

4. Now open Burp Suite
    A. GUI Method
         Application → Kali Linux → Web Application → Web Vulnerability Scanners → burpsuite


    B. Open Terminal, type burpsuite.jar and press Enter


5. If you are running Burp Suite for the first time in your Kali Linux, you will see this window. Click on I Accept.


6. Burp Suite is now open. Click on the Proxy tab, then on the Options sub-tab, and check carefully that the Running box for the localhost interface is checked in Proxy Listeners.


7. Scroll down in the same tab (Proxy tab → Options sub-tab)
    Intercept Client Requests
    → Select the URL match type and keep clicking the Up button until the URL match type reaches the top.
    → Check the box 'Intercept requests based on the following rules.'


8. As we can see, the URL match type is now at the top. Now select 'File Extension' and click on Edit.


9. The Edit window will open. Here we will add the 'jpeg' file extension. You can add or remove file extensions as per your need. Write the code and click OK.


10. Scroll down in the same tab (Proxy tab → Options sub-tab)
       Intercept Client Responses
       → Check the box 'Intercept Responses based on the following rules.'
       → Select the URL match type and keep clicking the Up button until the URL match type reaches the top.


11. Click on Add - we are going to add a new rule.


12. We will add a file extension match type with the details below:
      Boolean Operator : And
      Match type : File Extension
      Match relationship : Does not match
      Match condition: (^gif$|^jpg$|^png$|^css$|^js$|^ico$|^jpeg$)


13. Select 'File extension' and keep clicking the Up button until 'File extension' is second from the top.


14. We have organized it.


15. Now open Firefox or Iceweasel and enter www.google.com in the address bar. You may see the message 'This Connection is Untrusted' if you're using Google over HTTPS.
You can add an exception every time this happens while you're using a proxy, but that can be irritating. We can also set Firefox or Iceweasel to trust the Burp certificate so that we don't get this error. The Pro version of Burp allows us to get the certificate easily, but in the free version we have to do a little work. You can browse to any HTTPS-enabled website to do this. After opening an HTTPS-enabled website, click on 'I Understand the Risks'.


16. Click on Add Exception...


17. Click on View


18. Click on Details Tab, Select PortSwigger CA then Click on Export.


19. Choose your save location (remember the location where you are saving your certificate) and click on Save.


20. Open your browser, click on Edit, then click on Preferences.


21. Click on the Advanced tab, then on the Encryption sub-tab, and click on View Certificates.


22. Click on the Authorities tab, then click on Import.


23. Find the location where you saved your PortSwiggerCA. If you are unable to see the saved file at that location, change the file type to 'All File'. Select your PortSwiggerCA and open it.


24. A new window will appear. Check the box 'Trust this CA to identify websites', then click OK.

25. If you scroll down the certificate names, you will notice your added certificate there. Click OK. Now you should be able to navigate to any SSL site through Burp without being prompted to trust the certificate.

26. What we want to do here is disable Google Safebrowsing. Safebrowsing is enabled for a reason, but it can cause unwanted traffic during tests, so we will disable it. Go to the Security tab, uncheck the two boxes 'Block Reported Attack sites' and 'Block Reported web forgeries', and click Close.
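The response rule from step 12 (File Extension, Does not match), evaluated over sample URLs as an added Python example; it is not part of the original article or of Burp Suite. It assumes the match condition is applied as a regex search to the text after the last dot of the URL's file name; the function names, the unanchored variant and the sample URLs are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Match condition from step 12, copied from the article.
STATIC_EXT = r"(^gif$|^jpg$|^png$|^css$|^js$|^ico$|^jpeg$)"
# The same list without the ^...$ anchors, for comparison (constructed).
UNANCHORED = r"(gif|jpg|png|css|js|ico|jpeg)"


def file_extension(url: str) -> str:
    """Text after the last dot of the final path segment ('' if none).
    Assumption: the query string is not part of the extension."""
    last_segment = urlsplit(url).path.rsplit("/", 1)[-1]
    return last_segment.rsplit(".", 1)[1] if "." in last_segment else ""


def passes_rule(url: str, condition: str = STATIC_EXT) -> bool:
    """'File extension' + 'Does not match': True when the extension does NOT
    match the condition, so the response stays a candidate for interception."""
    return re.search(condition, file_extension(url)) is None


# Constructed sample URLs.
SAMPLES = [
    "http://127.0.0.1/mutillidae/index.php?page=home.php",
    "http://127.0.0.1/mutillidae/images/logo.png",
    "http://127.0.0.1/mutillidae/javascript/app.js?v=3",
    "http://127.0.0.1/api/data.json",
    "http://127.0.0.1/app/login.jsp",
    "http://127.0.0.1/mutillidae/",
]

if __name__ == "__main__":
    for url in SAMPLES:
        print(f"{passes_rule(url)!s:5} {passes_rule(url, UNANCHORED)!s:5} {url}")
```

With the anchors, only the exact extensions listed are skipped; without them, `js` would also match `json` and `jsp`, and responses for those dynamic pages would no longer be intercepted.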



Disclaimer

This Blog and its TUT's are intended for educational purposes only, no-one involved in the creation of this TuT may be held responsible for any illegal acts brought about by this Blog or TuT.


