Class 9 Lab 2 ‐ Intercept and Access - Justin-Boyd/Ethical-Hacking-Class GitHub Wiki

Task 1: Intercept HTTP Traffic

Step 1

  • Start your Kali and pfSense machines.

Step 2

  • Run Burp Suite. Ignore the message “Your JRE appears to be version 11.0.4 from Debian. Burp has not been fully tested on this platform and you may experience problems”.
  1. Open terminal
  2. burpsuite
  3. Ok

Step 3

  • Start a new “Temporary project” using Burp Suite defaults and initiate proxy interception while browsing to google.com. Don’t update Burp Suite.
  1. Wait for Burp Suite to start and accept the terms and conditions.
  2. Select Temporary project and click Next.
  3. Select “Use Burp defaults” and click Start Burp.
  4. Wait for the project initialization to end.
  5. Ignore the out-of-date notification, make sure the option “Don’t show again for this version” is selected, and click OK.
  6. Open the browser by clicking the Firefox icon in the menu bar.
  7. Open the browser by clicking the Firefox icon in the menu bar.
  8. Type google.com in the URL address field to navigate to Google.

Step 4

  • Note that the interception does not work. This happens because Firefox is not configured to use Burp as a proxy server. Proceed with configuring the proxy.
  1. Click the menu icon to the right of the URL address field and select Preferences.
  2. Scroll to the Network Proxy section at the bottom of the Preferences page, and click Settings.
  3. Select “Manual proxy configuration” and make sure “Use this proxy server for all protocols” is selected. Set the address 127.0.0.1 and port 8080.
  4. Make sure the “No proxy for” specifications are empty and click OK.

Step 5

  • Browse to Google and note the unsecure connection warning. The warning appears because there is no certificate in use.
  1. Switch back to the Google tab in Firefox.
  2. Refresh the page.
  3. An unsecure connection warning appears.
  4. The warning means that there is no certificate in use.

Task 2: Use a Burp Suite Certificate

Step 1

  • From the proxy Options tab in Burp Suite, export a CA certificate in DER format and save it to your machine. Name the certificate “cert.crt”.
  1. Switch back to the Burp Suite screen.
  2. Make sure that you are in the Proxy tab and switch to the Options tab.
  3. Click “Import/ export CA certificate”.
  4. Under Export, select “Certificate in DER format”, and click Next.
  5. Click Select file.
  6. In the File Name field, enter “cert.crt”, and click Save.
  7. Click Next to save it to /root/.
  8. A message appears saying the certificate was exported successfully.

Step 2

  • Apply the exported certificate to Firefox.
  1. Switch back to Firefox and select the Preferences tab.
  2. Select the “Privacy & Security” tab, scroll down to the Certificates area, and click View Certificates.
  3. Click Import.
  4. Load the certificate created earlier.
  5. Select “Trust this CA to identify websites” and click OK.
  6. Click OK.

Step 3

  • Turn off Interception in Burp Suite and browse Google.com again to verify that the warning no longer appears.
  1. Switch back to the Burp Suite screen.
  2. Make sure that you are in the Proxy tab, and click the Intercept option.
  3. Select “Intercept is off”.
  4. In the Firefox browser, browse to Google and note that no warning appears.

Task 3: Hack Login Credentials

Step 1

  • Set the apache2 port configuration to port 80, and restart the Apache2 service.
  1. Open terminal
  2. nano /etc/apache2/ports.conf
  3. Use the arrows on the keyboard to scroll down, and change the listening port from 9191 to 80. Then press Ctrl+x and type ‘y’ to confirm the change.
  4. Press Enter to finish and exit Edit mode.
  5. service apache2 restart

Step 2

  • Back up the files in /var/www/html/ and replace them with the content of the provided WebPage directory.
  1. mv /var/www/html/index.html /var/www/html/index.nginx-debian.html /root/Desktop
  2. cd Desktop/WebPage/
  3. ls
  4. mv * /var/www/html/
  5. cd /var/www/html/
  6. ls

Step 3

  • Browse to yourIP/index.html (use your IP address and not a loopback address, to enable Burp to intercept traffic). Try to guess the password, and note the message.
  1. Open Firefox
  2. 192.168.0.15/index.html
  3. Try any password and click Submit.
  4. Note the result.

Step 4

  • Start intercepting data with Burp Suite. Refresh the web page while intercepting, guess a password again, and examine the captured package.
  1. Switch to Burp Suite and turn on Intercept mode.
  2. Switch back to Firefox and click the Go Back icon.
  3. Enter a random password and click Submit.
  4. Intercept data with Burp Suite.

Step 5

  • Select the Action tab and send the packet to the Intruder to begin a brute-force attack.

Step 6

  • Load the WordList.txt file provided with this lab as the payload, and start the attack to detect the password.