web hacking 101 burping for fun and maybe some profit
play

Web Hacking 101: Burping for fun and maybe some profit Magno - PowerPoint PPT Presentation

Feb 06, 2024 •251 likes •702 views

Web Hacking 101: Burping for fun and maybe some profit Magno (Logan) Rodrigues magnologan at gmail dot com WHO AM I? ARE YOU SURE YOU WANNA KNOW? - Parker, Peter (Spider Man 2002) InfoSec/AppSec Specialist / CompTIA Instructor Focusing

  1. Web Hacking 101: Burping for fun and maybe some profit Magno (Logan) Rodrigues magnologan at gmail dot com

  2. “WHO AM I? ARE YOU SURE YOU WANNA KNOW?” - Parker, Peter (Spider Man 2002) InfoSec/AppSec Specialist / CompTIA Instructor Focusing on AppSec Testing, DevSecOps and Secure Coding Founder of JampaSec and OWASP Paraíba - www.jampasec.com Speaker at TheLongCon, RoadSecSP , MindTheSecRJ, BSidesSP ... Martial Artist, Investor, Gamer and Bug Bounty Hunter

  3. Agenda • Web Hacking 101 • BurpSuite Community v2 • Intro & Timeline • Proxy & Target • Requests & Responses • Dashboard & Spider • Headers & Methods • Intruder & Repeater • Status Codes, Sessions & • Comparer & Decoder Cookies • Encoding x Hashing x Crypto • Proxy & Web Proxy

  4. Disclaimer #1 I’m not a BurpSuite Expert!

  5. Disclaimer #2 Why not OWASP ZAP?

  6. HTTP 101 - Intro https://developer.mozilla.org/en-US/docs/Web/HTTP/Overview

  7. HTTP 101 - Timeline https://www.polyglotdeveloper.com/timeline/2016-08-22-HTTP-Protocol-timeline/

  8. Request - Client https://developer.mozilla.org/en-US/docs/Web/HTTP/Overview

  9. Response - Server https://developer.mozilla.org/en-US/docs/Web/HTTP/Overview

  10. HTTP Requests Demo

  11. HTTP Headers • Allow the client and the server to pass additional information with the request or the response • Used in Name:Value format • Can be grouped in four different categories: • General Header • Request Header • Response Header • Entity Header https://developer.mozilla.org/pt-PT/docs/Web/HTTP/Headers

  12. HTTP Methods • GET - Request data from a specific resource. Ex: GET /form.php?param1=x&param2=y • POST - Send data to be processed Ex: POST /form.php HTTP / 1.1 Host: www.site.ca param1=x&param2=y

  13. Other HTTP Methods HEAD - Same as GET but only returns headers PUT - Puts a certain resource on the server. DELETE - Remove certain resource. OPTIONS - Returns the methods supported by server TRACE - Echoes the received request to check if any changes have been made by intermediate servers.

  14. HTTP Status Codes They are divided into 5 categories: • Informational (100-199) • Success (200-299) • Redirect (300-399) • Client Error (400-499) • Server Error (500-599) http://en.wikipedia.org/wiki/List_of_HTTP_status_codes

  15. Sessions and Cookies • To manage the client session (Session ID) • Reminds server of user and their preferences • Are subject to capture, manipulation and fraud, if not protected • Widely used in most web applications today

  16. Encoding x Hash x Crypto • Encoding - HTML, URL, Unicode, Base64 Not encryption, can be reversed. Ex: dGhlbG9uZ2Nvbgo= • Hash - SHA-1, SHA-2, bcrypt, scrypt, PBKDF2, argon2 It's not encryption, it's one-way functions and can't be reversed. Used for integrity and passwords. Ex: 9E107D9D372BB6826BD81D3542A419D6 • Encryption - DES, RSA, AES Encryption itself can be reversed but need the cryptographic key. Used mostly for Confidentiality. Can be Symmetric or Asymmetric

  17. Proxy https://en.wikipedia.org/wiki/Proxy_server

  18. Burp Suite • It is an intercepting HTTP proxy (and WebSockets) • An integrated platform for performing security testing of web applications • Developed and maintained by PortSwigger • It currently has three editions: Community, Professional and Enterprise • Written in Java

  19. Burp Suite Community

  20. Burp Suite Community

  21. Burp Pentest Workflow

  22. OWASP Vulnerable Web Applications Directory Project https://www.owasp.org/index.php/OWASP_Vulnerable_Web_Applications_Directory_Project

  23. Burp Demo

  24. Burp Suite Configuration • Use a browser extension like FoxyProxy or SwitchyOmega to quickly enable or disable Burp • Make sure you add Burp’s SSL certificate to the browser • Other things that might be useful: • Add your target to the scope • Disable browser XSS Protection • Disable intercept by default

  25. Burp Suite Documentation

  26. Extender - BApp Store

  27. Proxy - Options

  28. Proxy - Intercept

  29. Proxy - HTTP History

  30. Proxy - HTTP History

  31. Dashboard v2.x

  32. Spidering

  33. Target - Site Map

  34. Target - Scope

  35. Intruder - Target

  36. Intruder - Positions

  37. Intruder - Payloads

  38. Intruder - Options

  39. Repeater

  40. Comparer

  41. Decoder

  42. Next Steps Take a look at Burp’s Extensions: • Auto-Repeater • Turbo Intruder Checkout The Cyber Mentor’s Web Hacking Course: https://www.youtube.com/playlist?list=PLLKT__MCUeixCoi2jtP2Jj8nZzM4MOzBL

  43. Thank you! Obrigado! Questions? Contacts: @magnologan magnologan at gmail dot com

  44. References WAHH v2 - https://www.amazon.ca/Web-Application-Hackers-Handbook-Exploiting/dp/1118026470 Tangled Web - https://www.amazon.ca/Tangled-Web-Securing-Modern-Applications/dp/1593273886/ Hacker 101 - https://www.hacker101.com/ BugCrowd University - https://github.com/bugcrowd/bugcrowd_university Web Security Academy - https://portswigger.net/web-security The Amazing Burp Suite - Ricardo Iramar - BSides SP 0xF

Recommend

Hacking Consumer Devices for Fun and Profit An Insider's View of the NSLU2-Linux Open-Source

Hacking Consumer Devices for Fun and Profit An Insider's View of the NSLU2-Linux Open-Source

Hacking Consumer Devices for Fun and Profit An Insider's View of the NSLU2-Linux Open-Source Project Rod Whitby <rod@whitby.id.au> NSLU2-Linux Project Lead Hacking Consumer Devices for Fun and Profit 5. Official Kernel Support 1.

285 views • 26 slides
Security in Mobile Devices Hacking Mobiles for Fun and Profit Tobias Mueller Universit at

Security in Mobile Devices Hacking Mobiles for Fun and Profit Tobias Mueller Universit at

Intro Hardware Security Platform Security Hacking Q&A Security in Mobile Devices Hacking Mobiles for Fun and Profit Tobias Mueller Universit at Hamburg & Dublin City University 2010-12-16 1 / 54 Intro Hardware Security

974 views • 79 slides
ETHICAL HACKING Daniel Cloherty CAN HACKING BE ETHICAL? What makes hacking ethical?

ETHICAL HACKING Daniel Cloherty CAN HACKING BE ETHICAL? What makes hacking ethical?

ETHICAL HACKING Daniel Cloherty CAN HACKING BE ETHICAL? What makes hacking ethical? Legality VS Ethics State Sanctioned hacking BLACK HAT - Stereotypical Hacker -Stealing data for personal gain -Obviously not ethical -Using

1.17k views • 10 slides
Hacking NodeJS applications for fun and profit Testing NodeJS Security by @jmortegac Agenda

Hacking NodeJS applications for fun and profit Testing NodeJS Security by @jmortegac Agenda

Hacking NodeJS applications for fun and profit Testing NodeJS Security by @jmortegac Agenda Introduction nodejS security Npm security packages Node Goat project Tools Node JS JavaScript in the backend Built on

762 views • 43 slides
Hacking Your Own Virtual and Augmented Hacking Your Own Virtual and Augmented Reality Apps for

Hacking Your Own Virtual and Augmented Hacking Your Own Virtual and Augmented Reality Apps for

Hacking Your Own Virtual and Augmented Hacking Your Own Virtual and Augmented Reality Apps for Fun and Profit! Reality Apps for Fun and Profit! Tutorial Presentation Tutorial Presentation Linux Conf Au - Adelaide, SA Linux Conf Au - Adelaide,

621 views • 61 slides
Hacking Reinforcement Learning Guillem Duran Ballester Guillemdb @Miau_DB A tale about hacking

Hacking Reinforcement Learning Guillem Duran Ballester Guillemdb @Miau_DB A tale about hacking

Hacking Reinforcement Learning Guillem Duran Ballester Guillemdb @Miau_DB A tale about hacking AI-Corp Hacking RL 1. Information gathering 2. Scanning 3. Exploitation & privilege escalation 4. Maintaining access & covering tracks

960 views • 62 slides
Hacking SecondLife Michael Thumann Hacking SecondLife by Michael Thumann 2/24/08 1

Hacking SecondLife Michael Thumann Hacking SecondLife by Michael Thumann 2/24/08 1

Hacking SecondLife Michael Thumann Hacking SecondLife by Michael Thumann 2/24/08 1 Disclaimer Everything you are about to see, hear, read and experience is for educational purposes only. No warranties or guarantees implied or

692 views • 47 slides
Who am I? Nathaniel T. Schutta Hacking Your Brain For http://www.ntschutta.com/jat/

Who am I? Nathaniel T. Schutta Hacking Your Brain For http://www.ntschutta.com/jat/

Who am I? Nathaniel T. Schutta Hacking Your Brain For http://www.ntschutta.com/jat/ @ntschutta Fun and Profit Foundations of Ajax & Pro Ajax and Java Nathaniel T. Schutta Frameworks UI guy Author, speaker, teacher

844 views • 58 slides
Drone Hacking Basics Intro to UAS Architectures, Attack Vectors and RF Hacking Matt Koskela June

Drone Hacking Basics Intro to UAS Architectures, Attack Vectors and RF Hacking Matt Koskela June

Drone Hacking Basics Intro to UAS Architectures, Attack Vectors and RF Hacking Matt Koskela June 15, 2017 Outline Drone Architectures RF Basics Information Gathering RF Hacking Tools Exploits & Demos Q&A Why? Wrights Law

486 views • 27 slides
Hacking, Hacktivism, and Counterhacking April 22, 2015 Outline Vocabulary Hacking motivated by

Hacking, Hacktivism, and Counterhacking April 22, 2015 Outline Vocabulary Hacking motivated by

Hacking, Hacktivism, and Counterhacking April 22, 2015 Outline Vocabulary Hacking motivated by benign purposes Hacktivism Counterhacking Case Studies Site defacement Network exploration / Port scanning / SQL injection / . . .

522 views • 18 slides
Hacking Copenhagen ITS World Congress, Copenhagen 2018 Hacking Copenhagen Digitalising (life in)

Hacking Copenhagen ITS World Congress, Copenhagen 2018 Hacking Copenhagen Digitalising (life in)

ECF gratefully acknowledges financial support from the European Commission. Hacking Copenhagen ITS World Congress, Copenhagen 2018 Hacking Copenhagen Digitalising (life in) the city of Copenhagen using bicycles. Bicycle-as-a-Sensor 1.

278 views • 11 slides
Hands-On Ethical Hacking and Network Defense Second Edition Chapter 10 Hacking Web Servers

Hands-On Ethical Hacking and Network Defense Second Edition Chapter 10 Hacking Web Servers

Hands-On Ethical Hacking and Network Defense Second Edition Chapter 10 Hacking Web Servers Objectives After reading this chapter and completing the exercises, you will be able to: Describe Web applications Explain Web application

530 views • 9 slides
Pulp Google Hacking The Next Generation Search Engine Hacking Arsenal 3 August 2011 Black Hat

Pulp Google Hacking The Next Generation Search Engine Hacking Arsenal 3 August 2011 Black Hat

Pulp Google Hacking The Next Generation Search Engine Hacking Arsenal 3 August 2011 Black Hat 2011 Las Vegas, NV Presen sented ed b by: Francis Brown Rob Ragan Stach & Liu, LLC www.stachliu.com Agenda O V E R V I E W

1.07k views • 72 slides
NON NON- -PROFIT SUPPORT PROFIT SUPPORT NON NON - - PROFIT SUPPORT PROFIT SUPPORT FOR

NON NON- -PROFIT SUPPORT PROFIT SUPPORT NON NON - - PROFIT SUPPORT PROFIT SUPPORT FOR

NON NON- -PROFIT SUPPORT PROFIT SUPPORT NON NON - - PROFIT SUPPORT PROFIT SUPPORT FOR RESEARCH FOR RESEARCH FOR RESEARCH FOR RESEARCH Daniel L. Goroff Alfred P. Sloan Foundation Vice President & Program Director Views expressed

627 views • 52 slides
ZIGDIGGITY ZIGBEE HACKING TOOLKIT AUGUST 7-11, 2019 http://zigdiggity.c om NEW ZIGBEE HACKING

ZIGDIGGITY ZIGBEE HACKING TOOLKIT AUGUST 7-11, 2019 http://zigdiggity.c om NEW ZIGBEE HACKING

ZIGDIGGITY ZIGBEE HACKING TOOLKIT AUGUST 7-11, 2019 http://zigdiggity.c om NEW ZIGBEE HACKING TOOLKIT FREE, OPEN-SOURCE WHAT IS ZIGDIGGITY??? + = RaspBee radio + Raspberry Pi ZigDiggity - GitHub Code http://zigdiggity.com BISHOPFOX

617 views • 23 slides
Hacking C# CONTACT@ADAMFURMANEK.PL HTTP://BLOG.ADAMFURMANEK.PL FURMANEKADAM 1 19.08.2020

Hacking C# CONTACT@ADAMFURMANEK.PL HTTP://BLOG.ADAMFURMANEK.PL FURMANEKADAM 1 19.08.2020

Hacking C# CONTACT@ADAMFURMANEK.PL HTTP://BLOG.ADAMFURMANEK.PL FURMANEKADAM 1 19.08.2020 HACKING C# - ADAM FURMANEK About me Experienced with backend, frontend, mobile, desktop, ML, databases. Blogger, public speaker. Author of .NET

481 views • 37 slides
Anna Satsiou, CERTH AIM PROFIT Playground Technology Advancements of PROFIT

Anna Satsiou, CERTH AIM PROFIT Playground Technology Advancements of PROFIT

Anna Satsiou, CERTH AIM PROFIT Playground Technology Advancements of PROFIT PROFIT Use Scheme PROFIT Target Users COLLECTIVE COMMUNITY AWARENESS Subscribe to our newsletter PROFIT Team 1st Int.

455 views • 13 slides
Ethical Hacking Finse 2019 Cyber Security Winter school Universitetet i Oslo Laszlo Erddi

Ethical Hacking Finse 2019 Cyber Security Winter school Universitetet i Oslo Laszlo Erddi

Ethical Hacking Finse 2019 Cyber Security Winter school Universitetet i Oslo Laszlo Erddi From Myself Associate Professor at UiO Teaching Ethical Hacking since 2012 Lecturer of the IN5290 Ethical Hacking at UiO Leader

878 views • 66 slides
Innovation through the www.linkedin.com/pulse/climate-change-healthcare-lucien- hacking

Innovation through the www.linkedin.com/pulse/climate-change-healthcare-lucien- hacking

CLIMATE CHANGE IN HELTHCARE : Driving Innovation through the www.linkedin.com/pulse/climate-change-healthcare-lucien- hacking engelen GIB DE MEDEIROS, PH.D. Digital Hospital Transformation Forum at HIC 2017 Brisbane, Australia HACKING

644 views • 27 slides
Hacking Telco equipment The HLR/HSS Laurent Ghigonis Security researcher at P1 Security Hacking

Hacking Telco equipment The HLR/HSS Laurent Ghigonis Security researcher at P1 Security Hacking

Hacking Telco equipment The HLR/HSS Laurent Ghigonis Security researcher at P1 Security Hacking Telco equipment: The HLR/HSS Laurent Ghigonis P1 Security 2014, Hackito Ergo Sum - Security Conference What are we talking about ? A mobile

724 views • 59 slides
Hacking in Popular Culture Week 2 Frank Chen | Spring 2017 Agenda Administrative Review

Hacking in Popular Culture Week 2 Frank Chen | Spring 2017 Agenda Administrative Review

Mr. Robot, an Emmy Award-winning TV drama starring a vigilante hacker CS 88S Hacking in Popular Culture Week 2 Frank Chen | Spring 2017 Agenda Administrative Review last weeks material Hack Hollywood Hacking: The Good, The

718 views • 45 slides
Hacking Russia: Inside an Hacking Russia: Inside an unprecedented prosecution of organized

Hacking Russia: Inside an Hacking Russia: Inside an unprecedented prosecution of organized

Hacking Russia: Inside an Hacking Russia: Inside an unprecedented prosecution of organized cybercrime Joseph Menn Agenda Agenda Why Russia matters (and differs from China) Why Russia matters (and differs from China) How three hackers got

557 views • 12 slides
Google Hacking against Privacy Emin Islam Tatl tatli@th.informatik.uni-mannheim.de

Google Hacking against Privacy Emin Islam Tatl tatli@th.informatik.uni-mannheim.de

Outline Google Hacking Privacy Searches Countermeasures Future Work Conclusion Google Hacking against Privacy Emin Islam Tatl tatli@th.informatik.uni-mannheim.de Department of Computer Science, University of Mannheim (on leave to the

389 views • 21 slides
Ethical Hacking Philip Robbins August 31, 2013 Information Security & Assurance Program

Ethical Hacking Philip Robbins August 31, 2013 Information Security & Assurance Program

ISA 330 Introduction to Proactive System Security Week #1 Ethical Hacking Philip Robbins August 31, 2013 Information Security & Assurance Program University of Hawai'i West Oahu 1 Ethical Hacking Topics Introductions Syllabus

1.17k views • 88 slides

More recommend