Burp Suite

Welcome to the introductory tutorial to Burp Suite. It gives details about the installation and usage of Burp Suite, which is an essential tool for bug hunters and web application pentesters.


Installing Java

In Ubuntu open the terminal then run:

sudo add-apt-repository ppa:webupd8team/java

sudo apt-get update

sudo apt-get install oracle-java8-installer

Install Foxyproxy

Foxyproxy for Firefox

Download links are:

Click on Foxyproxy’s icon and click “Options”:

Click “Add new proxy”. In the “Proxy details” section → “Manual Proxy Configuration”, insert the following values for Server and Port:

  • Server: 127.0.0.1
  • Port: 8080

In the “General” section, give the proxy a name and select a color. Then save.

Now start the proxy you just created by right-clicking on the Foxyproxy icon and selecting the newly created proxy.

Burp Suite – How To

Starting Up Burp Suite

Double-click on the Burp executable to start it. On Linux, double-click the jar file, or download the plain jar file and run it from the terminal:

java -jar burpsuite_community_v1.7.33.jar

Note: your download may have a different version number.

Start Burp Suite with default settings.

Proxy

The proxy intercepts requests from the web browser. Requests can be modified in real time or can also be viewed in connection with their responses in the “HTTP history” tab.

Click “Proxy” → “Intercept” → “Intercept is on” to toggle interception off; requests will then pass through Burp without being stopped.


When you open a page in the web browser while “Intercept is on”, Burp displays the request sent by your browser and holds it until you press “Forward”. Until the request is forwarded to the web application server, no response is received: the browser sits waiting for a response because Burp has not yet sent the request on.

If intercept is on and you do not want to send the request forward, click “Drop”; the request will not be sent to the destination. The “Drop” button also lets you inspect the request first and drop it once you are done. For example, clicking the “Submit” button on the target site causes the request to be intercepted; you can then pass it to Repeater via “Action” → “Send to Repeater” and drop the original.

Proxy Options

To see the proxy settings, click “Proxy” → “Options”.


As you can see, the default port used by Burp for its proxy listener is 8080. Choose the same port in FoxyProxy. You can have multiple proxies, but the ports configured in Burp and FoxyProxy must match.

To conclude:

The FoxyProxy configuration (IP: 127.0.0.1, Port: 1337) must match the configuration in Burp Proxy (IP: 127.0.0.1, Port: 1337). The flow of a request works as follows:

  • The user browses the target site;
  • FoxyProxy and Burp are configured with the same IP and port, as explained above;
  • FoxyProxy is switched on, then Burp Proxy is switched on;
  • Every request made by the user is sent by FoxyProxy to the configured proxy IP and port (in this case Burp’s proxy);
  • Each request intercepted by Burp Proxy is stored in the HTTP history;
  • Burp then forwards the request to the destination web application server and waits for a reply;
  • Once the web server sends back a response, Burp forwards the response to the browser.

Foxy Proxy ensures that all the initiated requests are sent to Burp’s Proxy.
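The flow just described, as an added example that is not part of the original tutorial: a minimal intercepting forward proxy in Python standard library code that plays Burp’s role (hold each request, record it in a history, then forward or drop it on the operator’s verdict), with a constructed origin server standing in for the target site and a client pointed at the proxy the way FoxyProxy points the browser at Burp. Port numbers are chosen dynamically here rather than the tutorial’s 8080 or 1337.

```python
import http.server
import queue
import threading
import urllib.error
import urllib.request
HISTORY = []               # stands in for Burp's "HTTP history" tab
DECISIONS = queue.Queue()  # operator verdict per held request: "forward" or "drop"

def reply(handler, body, status=200):   # write a minimal HTTP response
    handler.send_response(status)
    handler.send_header("Content-Length", str(len(body)))
    handler.end_headers()
    handler.wfile.write(body)

class Origin(http.server.BaseHTTPRequestHandler):   # constructed target web app
    def do_GET(self):
        reply(self, b"origin saw " + self.path.encode())

class InterceptingProxy(http.server.BaseHTTPRequestHandler):  # "Intercept is on": hold each request
    def do_GET(self):
        HISTORY.append(self.path)           # a forward proxy receives the absolute URL
        if DECISIONS.get() == "drop":       # blocks here, like a request sitting in the Intercept tab
            reply(self, b"dropped by operator", 403)
            return
        # "Forward": fetch from the origin, ignoring any proxy configured in the environment
        direct = urllib.request.build_opener(urllib.request.ProxyHandler({}))
        with direct.open(self.path, timeout=5) as upstream:
            reply(self, upstream.read(), upstream.status)

def serve(handler):   # start a server on a free loopback port in a background thread
    srv = http.server.ThreadingHTTPServer(("127.0.0.1", 0), handler)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv

def browse(proxy_port, url, verdict):   # the "browser", pointed at the proxy as FoxyProxy does
    DECISIONS.put(verdict)
    via_proxy = urllib.request.build_opener(
        urllib.request.ProxyHandler({"http": f"http://127.0.0.1:{proxy_port}"}))
    try:
        with via_proxy.open(url, timeout=5) as resp:
            return resp.status, resp.read().decode()
    except urllib.error.HTTPError as err:
        return err.code, ""                 # a dropped request never reaches the origin

def run_demo():   # one forwarded and one dropped request; returns both results and the history
    origin, proxy = serve(Origin), serve(InterceptingProxy)
    url = f"http://127.0.0.1:{origin.server_address[1]}/login"
    forwarded = browse(proxy.server_address[1], url, "forward")
    dropped = browse(proxy.server_address[1], url, "drop")
    proxy.shutdown(); origin.shutdown()
    return forwarded, dropped, list(HISTORY)
```

Because the proxy handler blocks on the operator’s verdict, a request with no verdict queued hangs exactly as a browser does while a request waits in the Intercept tab.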

Resources:

https://portswigger.net/burp


This post was written by Ruben Dario Caravajal Herrera