Penetration Testing of Computer Networks Using BurpSuite and Various Penetration Testing Tools E-Book

Penetration Testing of Computer Networks Using BurpSuite and Various Penetration Testing Tools

Penetration Testing of Computer Networks Using BurpSuite and Various Penetration Testing Tools

Penetration Testing of Computer Networks Using BurpSuite and Various Penetration Testing Tools

By

Dr. Hedaya Mahmood Alasooly

[email protected]

While every precaution has been taken in the preparation of this book, the publisher assumes no responsibility for errors or omissions, or for damages resulting from the use of the information contained herein.

Penetration Testing of Computer Networks Using BurpSuite and Various Penetration Testing Tools

Copyright © 2023 Dr. Hedaya Mahmood Alasooly

Written by Dr. Hedaya Mahmood Alasooly.

1. Introduction:

1. Introduction:

Burp Suite is an integrated platform/graphical tool for performing security testing of web applications. Burp suite is a java application that can be used to secure or crack web applications. The suite consists of different tools, like a proxy server, a web spider an intruder and a so-called repeater, with which requests can be automated. You can use Burp's automated and manual tools to obtain detailed information about your target applications.

Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and aid teachers/students to teach/learn web application security in a class room environment.

In this report I am using a combination of Burp tools to detect and exploit vulnerabilities in Damn Vulnerable Web App (DVWA) with low security. By default, Burp Scanner scans all requests and responses that pass through the proxy. Burp lists any issues that it identifies under Issue activity on the Dashboard. You can also use Burp Scanner to actively audit for vulnerabilities. Scanner sends additional requests and analyzes the application's traffic and behavior to identify issues.

Various examples are outlined in this report for different types of vulnerabilities such as: SQL injection, Cross Site Request Forgery (CSRF), Cross-site scripting, File upload, Local and Remote File Inclusion. I tested various types of penetration testing tools in order to exploit different types of vulnerabilities. The report consists from the following parts:

1. Installing and Configuring BurpSuite

2. BurpSuite Intruder.

3. Installing XMAPP and DVWA App in Windows System.

4. Installing PHP, MySQL, Apache2, Python and DVWA App in Kali Linux.

5. Scanning Kali-Linux and Windows Using .

6. Understanding Netcat, Reverse Shells and Bind Shells.

7. Adding Burps Certificate to Browser.

8. Setting up Target Scope in BurpSuite.

9. Scanning Using BurpSuite.

10. Scan results for SQL Injection Vulnerability with BurpSuite and Using SQLMAP to Exploit the SQL injection.

11. Scan Results for Operating System Command Injection Vulnerability with BurpSuite and Using Commix to Exploit the OS Command Injection.

12. Scan Results for Cross Side Scripting (XSS) Vulnerability with BurpSuite, Using Xserve to exploit XSS Injection and Stealing Web Login Session Cookies through the XSS Injection.

13. Exploiting File Upload Vulnerability.

14: Exploiting Cross Site Request Forgery (CSRF) Vulnerability.

15. Exploiting File Inclusion Vulnerability.

16. References.

2. Installing and Configuring BurpSuite:

2. Installing and Configuring BurpSuite:

a) Installing Community Edition of BurpSuite:

1. Go to official website of BurpSuite.

https://portswigger.net/burp

2. Go to community edition and download BurpSuite for Windows:

https://portswigger.net/burp/communitydownload

3. Install BurpSuite. In the first run burp is going to ask you to accept the terms. Select “I agree”.

4. In this page temporary project is the automatic selection because community version of burp suit does not allow you to save project into hard disk.

5. Click next . You can use “Burp Defaults”. Or you can load configurations from existing file. I am going to use the Burp defaults.

6. Then I got the following dashboard.

7. From “Settings” menu you can choose the display font size.

8. In the “Event Log” section, it displays everything that you know burp suit does in background. If any error pops up, then we can certainly identify in the Log section and fix accordingly

9. Let’s understand how proxy works. Click on “Proxy” section. Proxy is the essential part of BurpSuite because in the Proxy section we can monitor the requests that you send out from your web browser and the responses that you get back from server’s proxy. Proxy section also keeps track of the URLs that you have visited. BurpSuite is basically proxy that sits between your browser and server. When you setup proxy like BurpSuite, the request that you send out from web browser gets intercepted by proxy, the request that you send out from your web browser gets intercepted by the proxy , then you decide what to do with the request whether to forward the request to server to just to drop it and delete it. The proxy sections basically intercept the URLs and then you can now forward the URLS and requests to appropriate tools.

10. You can use burps embedded browser if you click on “Open browser”, then it should open the embedded browser. The embedded browser is specifically configured to work with BurpSuite and it basically comes on along with the installation of BurpSuite. You can also configure external browser to work with BurpSuite. In the defaults the proxy is configured to listen to incoming traffic at local host port number 8080.

11. Example, make sure to turn the intercept on. Back to BurpSuite browser. Request any website as example www.youtube.com. The BurpSuite browser is flashing. If you go to “Proxy/Intercept” section you will see that the BurpSuite proxy intercepted the request made from web browser. The BurpSuite browser is hanging because it is waiting the BurpSuite proxy to forward the request it is holding or it has intercepted. We can drop or delete the request or we can forward the request. When we select forward, the web page is loaded to the browser.

12. BurpSuite browser removed the SSL layer. SSL layer encrypts the traffic that the application received and sends out. BurpSuite needs data in plain text to work.

13. “Proxy/Http history” section saves the URLs that you have visited.

14. Click on “Target” tab. By default, the BurpSuite intercepts all web applications or URLs you visit. And when you actually doing or testing a website you actually don’t care about anything except the website or application you are testing. We can use “Target Scope” feature in BurpSuite to tell BurpSuite to crawl the application you are testing and it will ignore everything except the application you are testing. Add the URL of the website that you are interested to test.

15. From “Proxy/Options” section, we must check “And URL” options in “Intercept Client Requests” and “Intercept Server Requests” sections.

16. In “Target/Site Map”, you can select filter to filter the links to show only the “Target/Scope” URLs.

b) Installing Professional Edition of BurpSuite:

b) Installing Professional Edition of BurpSuite:

1. Professional Edition of BurpSuite is not available for free. But the crack of Professional Edition is available on the internet.

2. I installed jdk-16_windows-x64_bin.exe to make it simpler to install BurpSuite crack.

3. Download any BurpSuite crack from the internet. All cracks work in in same way. As example, I downloaded the crack of Burp_Suite_Professional_2022.2.2_Beta in Windows. When you open the folder, you get two files burploader.jar and burpsuite_pro_v2022.2.2.jar.

4. Run burploader.jar. Copy the License key and Press Run Button.

5. Now go to command line and change directory to the into the same folder you extracted the BURPSUITE file and type the below command:

> java -javaagent:burploader.jar -noverify -jar --illegal-access=permit burpsuite_pro_v2022.2.2.jar

6. The BurpSuite Professional program will run. Press I Accept to agreement.

7. Copy the key and Paste it into license field, and click next.

8. Now Press on “MANUAL ACTIVATION”

9. Now follow the steps in below image and copy paste the activation codes accordingly, and click next

Your BurpSuite Professional will be activated.