Jump to content
euxx75

Burp suite "student"

Recommended Posts

euxx75

Mi sono imbattuto, da qualche giorno, nel sito hack.me sviluppato dalla elearn security.

Ho provato a superare il test del "Dummy Bank" reperibile a questo indirizzo.

Dalla lettura dei commenti sembrava una prova molto banale e quindi, essendo io un banale "pts" ed avendo capito che era sufficiente usare Burp, ho provato a trovare la vulnerabilità...

Per farla in breve: non ci sono riuscito pur avendo riguardato con attenzione la parte del corso che spiega l'uso di burp e degli argomenti correlati (get, post etc etc).

Detto ciò mi chiedo e, soprattutto, vi chiedo: è un test troppo difficile per uno student o avrei dovuto superare la prova? Lo chiedo perchè a breve vorrei provare a sostenere la prova finale ma questi episodi mi fanno capire di non essere ancora all'altezza.... o sono io a non essere all'altezza o il corso student è un po' troppo "easy" nell'affrontare molto superficialmente l'uso di determinati programmi e metodologie. Immagino che nella versione PTP l'argomento Burp Suite sia trattato in maniera piu' approfondita ma leggendo i commenti sulla pagina dedicata alla "Dummy Bank" sembra che sia fin troppo facile trovare la vulnerabilità che per me non è stata...

 

Share this post


Link to post
Vincent

The preferred language of the forum is English. I don't speak Italian, yet, so I can't help you. Please send your message in english.

Share this post


Link to post
euxx75
14 hours ago, Vincent said:

The preferred language of the forum is English. I don't speak Italian, yet, so I can't help you. Please send your message in english.

Excuse me. I'm from Italy, undstand english but i write it not so well. Now i try to tell you what i write in italian.

I'm a PTS student. I tried to resolve this problem finding the vulnerabilities. In the post of some users on the page that i linked i read that it's very simple to resolve but i fail to resolve it. I restudied the lesson about burp suite but don't help me... so i ask to me and to you: it's a difficult problem to solve for a pts or the pts course is too shallow (simple)?

 

Share this post


Link to post
Vincent

Well, I have not tried that one yet. I did open it, (I am on an Android tablet), so I will only write what would do.

1. Run burp suite and spider the directory.

     That may find hidden or disconnected files.

2 the source code, it mentions myaccount.php, so I am thinking about dirbuster, to find files like .old .bak, or .xxx

 

I don't know if that will find anything, but it is where I would start.  The PTS course is excellent, just remember that you do not learn the entire functionality of burp suites in that one small chapter. The hack.me challenges are not rated on levels compared to the PTS course, what one person says as easy may not be.

 

Hope that gives you a little help/ guidance.

 

Vincent 

Share this post


Link to post
euxx75

Thank you Vincent but the solution is really easier but i don't know how delete the redirect vs login.php on myaccount.php with burp suite. When this redirect is deleted the page my account.php load session.php where is simple to log in with "admin" & "admin" (i think).

 

Share this post


Link to post
element

you are very near to the final solution! i wrote this hack.me, don't know if it's the appropriate difficulty level for pts course? maybe someone else knows about it?

Share this post


Link to post
GiRa

Hi all,

I just tried it. I think it's doable, with some extra effort, for a PTS student. @euxx75: have you completed the webapp attacks module first?

Hint: make sure to intercept all the requests, the default proxy settings will not work ;)

 

Share this post


Link to post
euxx75
On 26/7/2016 at 0:22 PM, GiRa said:

Hi all,

I just tried it. I think it's doable, with some extra effort, for a PTS student. @euxx75: have you completed the webapp attacks module first?

Hint: make sure to intercept all the requests, the default proxy settings will not work ;)

 

I returned today from my holydays :-). I've obviously completed the webapp attack module but it explain superficially how to use Burp Suite. I setted Burp correctly but i don't know how modify the response... I've correctly set Burp (I think) because it's explained well in the web app module of the course.... So now i try another time to solve the problem....

 

Share this post


Link to post
GiRa

You need the web app attack module for the needed attack skills AND the prerequisites web app module for the theory and the information about how to configure Burp.

 

Share this post


Link to post
cfernandez

I personally switched to ZAP Proxy now that is much more mature than used to be, is a 1-2 week learning curve to be able to do the same as BURP (and more) and now I am sooo much better, trusting OWASP community and open source(transparent not like BURP) now I never have to depend on one company/developer to keep up with updates or be a second level user like in Burp if you use the free version. I really recommend ZAP

Share this post


Link to post
euxx75

I'll try it... but, for now, with burp suite i deleted the header of the server response about "myaccount.php" and now i view session.php but i don't reach to insert user and password to view the "minion" on the page... 

Share this post


Link to post

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
×