:.: BurpSuite :.:

Burp Suite ဆိုတာဘာလဲ ? 

Burp ကေတာ့ website security ပိုင္းဆိုင္ရာမွာ အလြန္ကိုေကာင္းမြန္တဲ့ tools တခုပါ ။ Security သုေတသနေတြနဲ႔ Security Pentester ေတြအမ်ားဆံုး အသံုးၿပဳၾကပါတယ္ ။ Interface ေပါင္းေၿမာက္မ်ားစြာနဲ႔ Tools အမ်ိဳးမ်ိဳးပါ၀င္ၿပီး programming languages တခုျဖစ္တဲ့ Java နဲ ့ေရးထားေသာ Application တခုျဖစ္ပါတယ္ ။

ပါ၀င္တဲ့ Features ေတြက :.:

Proxy: Burp Proxy is an interactive HTTP/S proxy server for attacking and testing web applications. It operates as a man-in-the-middle between the end browser and the target web server, and allows the user to intercept, inspect and modify the raw traffic passing in both directions.

Spider: Burp Spider is a tool for mapping web applications. It uses various intelligent techniques to generate a comprehensive inventory of an application’s content and functionality.

Scanner: Burp Scanner is a tool for performing automated discovery of security vulnerabilities in web applications. It is designed to be used by penetration testers, and to fit in closely with your existing techniques and methodologies for performing manual and semi-automated penetration tests of web applications.

Intruder: Burp Intruder is a tool for automating customised attacks against web applications.

Repeater: Burp Repeater is a tool for manually modifying and reissuing individual HTTP requests, and analysing their responses. It is best used in conjunction with the other Burp Suite tools. For example, you can send a request to Repeater from the target site map, from the Burp Proxy browsing history, or from the results of a Burp Intruder attack, and manually adjust the request to fine-tune an attack or probe for vulnerabilities.

Sequencer: Burp Sequencer is a tool for analysing the degree of randomness in an application’s session tokens or other items on whose unpredictability the application depends for its security.

Decoder: Burp Decoder is a simple tool for transforming encoded data into its canonical form, or for transforming raw data into various encoded and hashed forms. It is capable of intelligently recognising several encoding formats using heuristic techniques.

Comparer: Burp Comparer is a simple tool for performing a comparison (a visual “diff”) between any two items of data. In the context of attacking a web application, this requirement will typically arise when you want to quickly identify the differences between two application responses (for example, between two responses received in the course of a Burp Intruder attack, or between responses to a failed login using valid and invalid usernames), or between two application requests (for example, to identify the different request parameters that give rise to different behaviour).

Source: http://www.portswigger.net/suite/ 

Top 125 Network Security Tools ေတြထဲမွာ Burp Suite  ဟာ 13 ေနရာမွာ တည္ရွိေနျပီး 2013 top 15 hacking tool ထဲမွာ နံပါတ္ 1 ေနရာမွာတည္ရွိေနပါတယ္ ။ Burp Suite ဟာ SQLmap လိုမ်ိဳး Click and Automatic tool တမ်ိဳးမဟုတ္တလို Webscanner သီးသန္ ့လဲမဟုတ္ပါဘူး .. .. ေနာက္ Burp Suite Tutorial ေတြ ဖတ္ရင္ နားလည္လာျပီး အရသာေတြ ့လာပါလိမ့္မယ္ ။

Download :  Offlicial Website မွာဘဲ သြားေဒါင္းလုပ္ လိုက္ပါ ။

Requirement :.:
လိုအပ္တာကေတာ့ JRE: (Server Java Runtime Environment) 1.6.0 လိုအပ္ပါတယ္ ။ Latest Version JRE7 နဲ ့မရပါဘူး . က်ြန္ေတာ္ Latest Version သြင္းျပီး တိုင္ပတ္ဘူးပါတယ္ 

Download > Download :.: JRE: (Server Java Runtime Environment) 1.6.0 

အားလံုးျပီးသြားျပီဆိုရင္ ခုနက Download ဆြဲလာတဲ့ File ကို Extract File လုပ္ျပီး burpsuite_pro_v1.4beta.jav ကို Run လိုက္ပါ ။ :.:: ဒီေနရာမွာ တခ်ိဳ ့ Run လို ့မရျဖစ္တက္ပါတယ္ .. .. ဒါဆိုရင္ jav ဖိုင္ကို Cmd လမ္းအတိုင္းေခၚျကည့္ရေအာင္ ။  

      cd little_inject/webhacking/burpsuite v1.4_pro/java -jar burpsuite_pro_v1.4beta.jar

ဒါဆိုရင္ ပိုအဆင္ေျပသြားပါျပီ . Jav ဖိုင္ေတြကို RUN လို ့မရရင္ CMD ကေခၚတာအဆင္ေျပဆံုးပါ  ok .. Run လိုက္ရင္ ေအာက္ကပံုအတိုင္းေပၚလာပါလိမ့္မယ္ ..

ဒါဆိုရင္ ပထမဦးဆံုးလုပ္ရမွာက ကိုယ္သံုးမဲ့  Browser(Firefox) မွာ Proxy ခ်ိန္းေပးရပါမယ္ ။  ဒါဆိုရင္ Burp Suite Tab ေတြထဲက Proxy tab ကိုေရြးျပီး Sub-tab မွာ Options ကိုထပ္ေရြးလိုက္ပါ ။ ဒါဆိုရင္ Proxy Listeners မွာ Port 8080 ကိုေတြ ့ပါလိမ့္မယ္ ..

ဒါဆိုရင္ Firefox မွာ Options ဖြင့္ျပီး Advanced tab ကိုဖြင့္လိုက္ပါ . ျပီးရင္ Network . Network ေဘးက Settings ကိုႏိုပ္ျပီး Connection Settings မွာေအာက္ကပံုအတိုင္း Change ပါ ။ 

ျပီးရင္ Ok ေပါ့ ။ :) ဒါဆို burpsuite က web traffic ကို capture ရိုက္နိုင္ပါျပီ . ရိုးရွင္းေအာင္ ေျပာရရင္ burpsuite proxy နဲ ့ configure လုပ္လိုက္ျခင္းဟာ Firefox ကဖြင့္ထားတဲ့ Web ေတြကို ဆြဲယူလိုက္တဲ့ သေဘာပါ ။ URL ကေန load လုပ္တာနဲ ့ burp proxy configure လုပ္ျပီးသားျဖစ္တဲ့အတြက္ burpsuite > proxy tab > history tab ထဲမွာျပန္ျကည့္လို ့ရသြားပါျပီ ။ အကယ္၍ ကိုယ္က တျခား Browser ဆိုရင္ ...

• Chrome - The Chrome browser picks up the HTTP proxy settings configured on the host computer. If you are using Chrome, you can open your computer's built-in browser and follow the instructions for configuring that. If you aren't sure where the built-in proxy settings are, open Chrome, go to the Customize menu, select Settings, click on "Show advanced settings", and click the "Change proxy settings ..." button. This will open the relevant configuration options for your host computer.

•Safari - Go the Safari menu, click on Preferences, click on Advanced, and by the Proxies label click the "Change Settings" button. This will open the Network configuration settings for your current network adapter. In the Proxies tab, check the "Web Proxy (HTTP)" box, and enter your Burp Proxy listener address in the "Web Proxy Server" field (by default, 127.0.0.1), and your Burp Proxy listener port in the (unlabeled) port field (by default, 8080). Ensure the "Bypass proxy settings for these Hosts & Domains" box is empty. Repeat these steps for the "Secure Web Proxy (HTTPS)" checkbox. Click "OK" and "Apply" and close the open dialogs.

ဒါေလးက BurpSuite Base လို ့လဲေျပာလို ့ရပါတယ္ ။ က်ြန္ေတာ္ Burpsuite စစကိုင္တုန္းက အရင္ Tool ေတြလို Target URL box (Search box) လိုက္ရွာခဲ့ဘူးတယ္ ..  က်ြန္ေတာ္ မေန ့တေန ့ကမွာ BurpSuite ကို ကိုဒုတ္ ေက်းဇူးနဲ ့သံုးခဲ့ဘူးတာပါ . . ဒါေျကာင့္အမွားပါရင္ ေတာင္းပန္ပါတယ္ .. 

Credit and Source : M.H.U And Dongoth