web hacking 101 burping for fun and maybe some profit
play

Web Hacking 101: Burping for fun and maybe some profit Magno - PowerPoint PPT Presentation

Feb 06, 2024 •251 likes •702 views

Web Hacking 101: Burping for fun and maybe some profit Magno (Logan) Rodrigues magnologan at gmail dot com WHO AM I? ARE YOU SURE YOU WANNA KNOW? - Parker, Peter (Spider Man 2002) InfoSec/AppSec Specialist / CompTIA Instructor Focusing

  1. Web Hacking 101: Burping for fun and maybe some profit Magno (Logan) Rodrigues magnologan at gmail dot com

  2. “WHO AM I? ARE YOU SURE YOU WANNA KNOW?” - Parker, Peter (Spider Man 2002) InfoSec/AppSec Specialist / CompTIA Instructor Focusing on AppSec Testing, DevSecOps and Secure Coding Founder of JampaSec and OWASP Paraíba - www.jampasec.com Speaker at TheLongCon, RoadSecSP , MindTheSecRJ, BSidesSP ... Martial Artist, Investor, Gamer and Bug Bounty Hunter

  3. Agenda • Web Hacking 101 • BurpSuite Community v2 • Intro & Timeline • Proxy & Target • Requests & Responses • Dashboard & Spider • Headers & Methods • Intruder & Repeater • Status Codes, Sessions & • Comparer & Decoder Cookies • Encoding x Hashing x Crypto • Proxy & Web Proxy

  4. Disclaimer #1 I’m not a BurpSuite Expert!

  5. Disclaimer #2 Why not OWASP ZAP?

  6. HTTP 101 - Intro https://developer.mozilla.org/en-US/docs/Web/HTTP/Overview

  7. HTTP 101 - Timeline https://www.polyglotdeveloper.com/timeline/2016-08-22-HTTP-Protocol-timeline/

  8. Request - Client https://developer.mozilla.org/en-US/docs/Web/HTTP/Overview

  9. Response - Server https://developer.mozilla.org/en-US/docs/Web/HTTP/Overview

  10. HTTP Requests Demo

  11. HTTP Headers • Allow the client and the server to pass additional information with the request or the response • Used in Name:Value format • Can be grouped in four different categories: • General Header • Request Header • Response Header • Entity Header https://developer.mozilla.org/pt-PT/docs/Web/HTTP/Headers

  12. HTTP Methods • GET - Request data from a specific resource. Ex: GET /form.php?param1=x&param2=y • POST - Send data to be processed Ex: POST /form.php HTTP / 1.1 Host: www.site.ca param1=x&param2=y

  13. Other HTTP Methods HEAD - Same as GET but only returns headers PUT - Puts a certain resource on the server. DELETE - Remove certain resource. OPTIONS - Returns the methods supported by server TRACE - Echoes the received request to check if any changes have been made by intermediate servers.

  14. HTTP Status Codes They are divided into 5 categories: • Informational (100-199) • Success (200-299) • Redirect (300-399) • Client Error (400-499) • Server Error (500-599) http://en.wikipedia.org/wiki/List_of_HTTP_status_codes

  15. Sessions and Cookies • To manage the client session (Session ID) • Reminds server of user and their preferences • Are subject to capture, manipulation and fraud, if not protected • Widely used in most web applications today

  16. Encoding x Hash x Crypto • Encoding - HTML, URL, Unicode, Base64 Not encryption, can be reversed. Ex: dGhlbG9uZ2Nvbgo= • Hash - SHA-1, SHA-2, bcrypt, scrypt, PBKDF2, argon2 It's not encryption, it's one-way functions and can't be reversed. Used for integrity and passwords. Ex: 9E107D9D372BB6826BD81D3542A419D6 • Encryption - DES, RSA, AES Encryption itself can be reversed but need the cryptographic key. Used mostly for Confidentiality. Can be Symmetric or Asymmetric

  17. Proxy https://en.wikipedia.org/wiki/Proxy_server

  18. Burp Suite • It is an intercepting HTTP proxy (and WebSockets) • An integrated platform for performing security testing of web applications • Developed and maintained by PortSwigger • It currently has three editions: Community, Professional and Enterprise • Written in Java

  19. Burp Suite Community

  20. Burp Suite Community

  21. Burp Pentest Workflow

  22. OWASP Vulnerable Web Applications Directory Project https://www.owasp.org/index.php/OWASP_Vulnerable_Web_Applications_Directory_Project

  23. Burp Demo

  24. Burp Suite Configuration • Use a browser extension like FoxyProxy or SwitchyOmega to quickly enable or disable Burp • Make sure you add Burp’s SSL certificate to the browser • Other things that might be useful: • Add your target to the scope • Disable browser XSS Protection • Disable intercept by default

  25. Burp Suite Documentation

  26. Extender - BApp Store

  27. Proxy - Options

  28. Proxy - Intercept

  29. Proxy - HTTP History

  30. Proxy - HTTP History

  31. Dashboard v2.x

  32. Spidering

  33. Target - Site Map

  34. Target - Scope

  35. Intruder - Target

  36. Intruder - Positions

  37. Intruder - Payloads

  38. Intruder - Options

  39. Repeater

  40. Comparer

  41. Decoder

  42. Next Steps Take a look at Burp’s Extensions: • Auto-Repeater • Turbo Intruder Checkout The Cyber Mentor’s Web Hacking Course: https://www.youtube.com/playlist?list=PLLKT__MCUeixCoi2jtP2Jj8nZzM4MOzBL

  43. Thank you! Obrigado! Questions? Contacts: @magnologan magnologan at gmail dot com

  44. References WAHH v2 - https://www.amazon.ca/Web-Application-Hackers-Handbook-Exploiting/dp/1118026470 Tangled Web - https://www.amazon.ca/Tangled-Web-Securing-Modern-Applications/dp/1593273886/ Hacker 101 - https://www.hacker101.com/ BugCrowd University - https://github.com/bugcrowd/bugcrowd_university Web Security Academy - https://portswigger.net/web-security The Amazing Burp Suite - Ricardo Iramar - BSides SP 0xF

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Hacking Consumer Devices for Fun and Profit An Insider's View of the NSLU2-Linux Open-Source

Hacking Consumer Devices for Fun and Profit An Insider's View of the NSLU2-Linux Open-Source

Hacking Consumer Devices for Fun and Profit An Insider's View of the NSLU2-Linux Open-Source Project Rod Whitby <rod@whitby.id.au> NSLU2-Linux Project Lead Hacking Consumer Devices for Fun and Profit 5. Official Kernel Support 1.

285 views • 26 slides
Security in Mobile Devices Hacking Mobiles for Fun and Profit Tobias Mueller Universit at

Security in Mobile Devices Hacking Mobiles for Fun and Profit Tobias Mueller Universit at

Intro Hardware Security Platform Security Hacking Q&A Security in Mobile Devices Hacking Mobiles for Fun and Profit Tobias Mueller Universit at Hamburg & Dublin City University 2010-12-16 1 / 54 Intro Hardware Security

974 views • 79 slides
ETHICAL HACKING Daniel Cloherty CAN HACKING BE ETHICAL? What makes hacking ethical?

ETHICAL HACKING Daniel Cloherty CAN HACKING BE ETHICAL? What makes hacking ethical?

ETHICAL HACKING Daniel Cloherty CAN HACKING BE ETHICAL? What makes hacking ethical? Legality VS Ethics State Sanctioned hacking BLACK HAT - Stereotypical Hacker -Stealing data for personal gain -Obviously not ethical -Using

1.17k views • 10 slides
Hacking NodeJS applications for fun and profit Testing NodeJS Security by @jmortegac Agenda

Hacking NodeJS applications for fun and profit Testing NodeJS Security by @jmortegac Agenda

Hacking NodeJS applications for fun and profit Testing NodeJS Security by @jmortegac Agenda Introduction nodejS security Npm security packages Node Goat project Tools Node JS JavaScript in the backend Built on

762 views • 43 slides
Hacking Your Own Virtual and Augmented Hacking Your Own Virtual and Augmented Reality Apps for

Hacking Your Own Virtual and Augmented Hacking Your Own Virtual and Augmented Reality Apps for

Hacking Your Own Virtual and Augmented Hacking Your Own Virtual and Augmented Reality Apps for Fun and Profit! Reality Apps for Fun and Profit! Tutorial Presentation Tutorial Presentation Linux Conf Au - Adelaide, SA Linux Conf Au - Adelaide,

621 views • 61 slides
Hacking Reinforcement Learning Guillem Duran Ballester Guillemdb @Miau_DB A tale about hacking

Hacking Reinforcement Learning Guillem Duran Ballester Guillemdb @Miau_DB A tale about hacking

Hacking Reinforcement Learning Guillem Duran Ballester Guillemdb @Miau_DB A tale about hacking AI-Corp Hacking RL 1. Information gathering 2. Scanning 3. Exploitation & privilege escalation 4. Maintaining access & covering tracks

960 views • 62 slides
Hacking SecondLife Michael Thumann Hacking SecondLife by Michael Thumann 2/24/08 1

Hacking SecondLife Michael Thumann Hacking SecondLife by Michael Thumann 2/24/08 1

Hacking SecondLife Michael Thumann Hacking SecondLife by Michael Thumann 2/24/08 1 Disclaimer Everything you are about to see, hear, read and experience is for educational purposes only. No warranties or guarantees implied or

692 views • 47 slides
Who am I? Nathaniel T. Schutta Hacking Your Brain For http://www.ntschutta.com/jat/

Who am I? Nathaniel T. Schutta Hacking Your Brain For http://www.ntschutta.com/jat/

Who am I? Nathaniel T. Schutta Hacking Your Brain For http://www.ntschutta.com/jat/ @ntschutta Fun and Profit Foundations of Ajax & Pro Ajax and Java Nathaniel T. Schutta Frameworks UI guy Author, speaker, teacher

844 views • 58 slides
Drone Hacking Basics Intro to UAS Architectures, Attack Vectors and RF Hacking Matt Koskela June

Drone Hacking Basics Intro to UAS Architectures, Attack Vectors and RF Hacking Matt Koskela June

Drone Hacking Basics Intro to UAS Architectures, Attack Vectors and RF Hacking Matt Koskela June 15, 2017 Outline Drone Architectures RF Basics Information Gathering RF Hacking Tools Exploits & Demos Q&A Why? Wrights Law

485 views • 27 slides
Hacking, Hacktivism, and Counterhacking April 22, 2015 Outline Vocabulary Hacking motivated by

Hacking, Hacktivism, and Counterhacking April 22, 2015 Outline Vocabulary Hacking motivated by

Hacking, Hacktivism, and Counterhacking April 22, 2015 Outline Vocabulary Hacking motivated by benign purposes Hacktivism Counterhacking Case Studies Site defacement Network exploration / Port scanning / SQL injection / . . .

522 views • 18 slides
Hacking Copenhagen ITS World Congress, Copenhagen 2018 Hacking Copenhagen Digitalising (life in)

Hacking Copenhagen ITS World Congress, Copenhagen 2018 Hacking Copenhagen Digitalising (life in)

ECF gratefully acknowledges financial support from the European Commission. Hacking Copenhagen ITS World Congress, Copenhagen 2018 Hacking Copenhagen Digitalising (life in) the city of Copenhagen using bicycles. Bicycle-as-a-Sensor 1.

278 views • 11 slides
Hands-On Ethical Hacking and Network Defense Second Edition Chapter 10 Hacking Web Servers

Hands-On Ethical Hacking and Network Defense Second Edition Chapter 10 Hacking Web Servers

Hands-On Ethical Hacking and Network Defense Second Edition Chapter 10 Hacking Web Servers Objectives After reading this chapter and completing the exercises, you will be able to: Describe Web applications Explain Web application

530 views • 9 slides
Pulp Google Hacking The Next Generation Search Engine Hacking Arsenal 3 August 2011 Black Hat

Pulp Google Hacking The Next Generation Search Engine Hacking Arsenal 3 August 2011 Black Hat

Pulp Google Hacking The Next Generation Search Engine Hacking Arsenal 3 August 2011 Black Hat 2011 Las Vegas, NV Presen sented ed b by: Francis Brown Rob Ragan Stach & Liu, LLC www.stachliu.com Agenda O V E R V I E W

1.07k views • 72 slides
NON NON- -PROFIT SUPPORT PROFIT SUPPORT NON NON - - PROFIT SUPPORT PROFIT SUPPORT FOR

NON NON- -PROFIT SUPPORT PROFIT SUPPORT NON NON - - PROFIT SUPPORT PROFIT SUPPORT FOR

NON NON- -PROFIT SUPPORT PROFIT SUPPORT NON NON - - PROFIT SUPPORT PROFIT SUPPORT FOR RESEARCH FOR RESEARCH FOR RESEARCH FOR RESEARCH Daniel L. Goroff Alfred P. Sloan Foundation Vice President & Program Director Views expressed

627 views • 52 slides
ZIGDIGGITY ZIGBEE HACKING TOOLKIT AUGUST 7-11, 2019 http://zigdiggity.c om NEW ZIGBEE HACKING

ZIGDIGGITY ZIGBEE HACKING TOOLKIT AUGUST 7-11, 2019 http://zigdiggity.c om NEW ZIGBEE HACKING

ZIGDIGGITY ZIGBEE HACKING TOOLKIT AUGUST 7-11, 2019 http://zigdiggity.c om NEW ZIGBEE HACKING TOOLKIT FREE, OPEN-SOURCE WHAT IS ZIGDIGGITY??? + = RaspBee radio + Raspberry Pi ZigDiggity - GitHub Code http://zigdiggity.com BISHOPFOX

617 views • 23 slides
Hacking C# CONTACT@ADAMFURMANEK.PL HTTP://BLOG.ADAMFURMANEK.PL FURMANEKADAM 1 19.08.2020

Hacking C# CONTACT@ADAMFURMANEK.PL HTTP://BLOG.ADAMFURMANEK.PL FURMANEKADAM 1 19.08.2020

Hacking C# CONTACT@ADAMFURMANEK.PL HTTP://BLOG.ADAMFURMANEK.PL FURMANEKADAM 1 19.08.2020 HACKING C# - ADAM FURMANEK About me Experienced with backend, frontend, mobile, desktop, ML, databases. Blogger, public speaker. Author of .NET

481 views • 37 slides
The Oakland REACH Making the powerless parent powerful

The Oakland REACH Making the powerless parent powerful

The Oakland REACH Making the powerless parent powerful oaklandreach.org #REACHforMore The Oakland REACH by the numbers 5,000+ 1:1s with parents in Oaklands lowest performing schools neighborhoods.

661 views • 22 slides
The Cost of Immediacy for Corporate Bonds Jens Dick-Nielsen Marco Rossi The 3rd MIT Golub Center

The Cost of Immediacy for Corporate Bonds Jens Dick-Nielsen Marco Rossi The 3rd MIT Golub Center

The Cost of Immediacy for Corporate Bonds Jens Dick-Nielsen Marco Rossi The 3rd MIT Golub Center for Finance and Policy conference September 28-29, 2016 (CBS and Texas A&M) 1 / 39 Corporate bond market: background OTC, dealer-driven

832 views • 59 slides
IBL CALCULUS Dr. Angie Hodge Northern Arizona University Angie Hodge, Ph.D. Who I am?

IBL CALCULUS Dr. Angie Hodge Northern Arizona University Angie Hodge, Ph.D. Who I am?

IBL CALCULUS Dr. Angie Hodge Northern Arizona University Angie Hodge, Ph.D. Who I am? Department of Mathematics and Statistics NAU Graduate of Purdue University (math and math ed) Project NeXT National Fellow (Sun dot)

829 views • 17 slides
Managing Managing Microservices Microservices E ff ectively E ff ectively Daniel Hall

Managing Managing Microservices Microservices E ff ectively E ff ectively Daniel Hall

Managing Managing Microservices Microservices E ff ectively E ff ectively Daniel Hall (@smarthall) Daniel Hall (@smarthall) About Me About Me Systems Engineer at LIFX Making the 'Internet' in the Internet of Things About This Talk About

556 views • 18 slides
CONSENSUAL NOT POLITICAL 1 0 S E P T E M B E R 2 0 1 7 CONSENSUAL NOT POLITICAL 1 0 S E P T

CONSENSUAL NOT POLITICAL 1 0 S E P T E M B E R 2 0 1 7 CONSENSUAL NOT POLITICAL 1 0 S E P T

CONSENSUAL NOT POLITICAL 1 0 S E P T E M B E R 2 0 1 7 CONSENSUAL NOT POLITICAL 1 0 S E P T E M B E R 2 0 1 7 I CANT MINE, ITS TOO CENTRALIZED. J U S T L E T T H AT S I N K I N . Libbitcoin Developer (4 years) E R I

253 views • 23 slides
3D Multi-Object Tracking for Autonomous Driving Xinshuo Weng Robotics Institute, Carnegie Mellon

3D Multi-Object Tracking for Autonomous Driving Xinshuo Weng Robotics Institute, Carnegie Mellon

3D Multi-Object Tracking for Autonomous Driving Xinshuo Weng Robotics Institute, Carnegie Mellon University RI PhD Speaking Qualifier September 24, 2020 Committee Member: Kris Kitani (advisor), Martial Hebert, David Held, Peiyun Hu 1 3D

741 views • 45 slides
LABOR DAY 1894 Basic Questions about Labor What is the just value of labor? What is a

LABOR DAY 1894 Basic Questions about Labor What is the just value of labor? What is a

LABOR DAY 1894 Basic Questions about Labor What is the just value of labor? What is a just view of labors rewardprivate property? What is the family role regarding labor? What is the role of civil government ( the

428 views • 38 slides
Careers spanning continents: From Europe to the US Random musings on one such career via

Careers spanning continents: From Europe to the US Random musings on one such career via

Careers spanning continents: From Europe to the US Random musings on one such career via Mark L oczy Livia.Markoczy@ucr.edu Gary A. Anderson Graduate School of Management University of California, Riverside Careers spanning

310 views • 14 slides

More recommend