There are several approaches but an easy one would be to take the registration form we intercepted earlier, add a new key-value pair “role=admin”, and send the crafted request:Īs you can see, we get a “success” status, and when we log in with our new admin account, we’ve just solved a new challenge:īecause the OWASP teams made the Juicy Shop for educational purposes, there are other challenges to unlock before we can take full control of the environment, but it’s a good start. The form seems to create users with the role of “customer,” but, as pentesters, we will probably check if we can obtain a higher role, such as “administrator” or “admin.” It’s not supposed to happen, but if we can achieve that, it’s game over for the shop. We can click on “send” to register a new user and get further information: If we send that to the Repeater feature, we are now able to register new users directly from our dashboard by sending the same request with new values. The screenshot above shows how we did it. We can emulate such an attack by opening Burp (make sure intercept is turned on) and submitting a form. There are so many things to do with the Juicy Shop but let’s say we want to intercept the registration forms. Once you have all the dependencies installed and configured, you’re ready for the next steps.Īlso read: OWASP Names a New Top Vulnerability for First Time in Years How Do You Intercept Requests Using Burp? If you don’t know how to configure it, read the documentation. Once you have those, you can start the app with an npm start and go to Make sure the browser uses the proxy on 127.0.0.1 (the default port for Burp is 8080). In addition, you’ll need Node and NPM, which are not installed by default in Kali Linux. Follow this link for instructions on how to install it on your system (e.g., the Kali VM). The OWASP teams maintain this flawed web app for educational purposes. We’ll use the OWASP Juice Shop, “the most modern and sophisticated insecure web application,” as the vulnerable target. In that perspective, the OWASP top ten could be helpful to define goals and organize a complete work session, but here we’ll demonstrate just a few vulnerabilities. You can install the Burp suite on your system or use the prepackaged version in Kali Linux, but that won’t tell you what to do with it. a browser configured with the Burp proxy (Firefox on Kali is the easiest way)Īlso read: How Hackers Use Reconnaissance – and How to Protect Against It How to Set Up a Burp Suite Demo.a machine with the Burp Suite installed (use the default presets to speed up the install).In any case, you’ll need the following elements for the tests: There are browser extensions to ease the task. If you need to test this feature, you have to configure the browser to use the right proxy. The Burp suite has many advanced features but the most popular is probably the Burp proxy that can intercept requests. Of course, you don’t have to install Kali Linux, as the Burp suite can be installed as a standalone package on most operating systems, including the relatively recent macOS M1.Ībsolute beginners should probably stick with Linux Ubuntu or Debian distributions and download the installer, as Kali can be overwhelming and is more a supercharged OS for pentesters and ethical hackers. The easiest way to start with Burp is to install some virtual machines so you undertake your tests in safe conditions.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |