1
00:00:01,360 --> 00:00:04,000
The proxy that we're going to be using is Burp Proxy.

2
00:00:04,030 --> 00:00:09,940
Now Burp is a really big program that can be used for a lot of things but we're going to be focusing

3
00:00:09,970 --> 00:00:13,240
on how to use the proxy in this lecture.

4
00:00:13,240 --> 00:00:16,080
So we're going to be using the proxy in a lot of lectures.

5
00:00:16,120 --> 00:00:20,350
I'm going to explain how to run it and configure the browser to use it once.

6
00:00:20,440 --> 00:00:22,670
And in the future I'll be skipping through this step.

7
00:00:22,750 --> 00:00:27,100
I'm just going to say I'm going to run Burp Proxy and you should carry out these steps.

8
00:00:27,670 --> 00:00:33,140
So how Burp is going to work as we have outlined here and we have the web server just like we've seen

9
00:00:33,140 --> 00:00:38,110
it before and we have the DVWA website loaded on our Kali machine.

10
00:00:38,170 --> 00:00:44,950
So when we send the request and we said instead of sending it directly to the web browser we're actually

11
00:00:44,950 --> 00:00:48,880
going to configure our browser to send the request to Burp.

12
00:00:48,970 --> 00:00:50,800
So this is our proxy running here.

13
00:00:50,880 --> 00:00:54,810
Burp will see all the parameters that are being posted to the website.

14
00:00:54,850 --> 00:01:00,790
So we're going to see the POST request, the GET requests and we'll see them after all the client code

15
00:01:00,790 --> 00:01:02,010
has been applied.

16
00:01:02,050 --> 00:01:04,360
So some websites apply client side code.

17
00:01:04,360 --> 00:01:07,080
As I said to the request before they send it.

18
00:01:07,150 --> 00:01:12,750
So we're going to be able to see the requests after the client side code has been applied.

19
00:01:12,790 --> 00:01:16,870
This is very important because a lot of websites use filtering at client side.
20
00:01:16,870 --> 00:01:21,600
And then we'll be able to bypass all of these filters by intercepting the request.

21
00:01:21,910 --> 00:01:27,090
Then once we modify the request in Burp we're going to forward it to the website, the website will

22
00:01:27,090 --> 00:01:31,260
execute it and give it back to us.

23
00:01:31,260 --> 00:01:37,290
So again we're going to redirect the requests to Burp, modify them here, send them to the website, website

24
00:01:37,290 --> 00:01:39,870
executes it, gives it back to us.

25
00:01:39,870 --> 00:01:44,400
Now we're going to be using this a lot in the future and the idea will become much more clear in the

26
00:01:44,400 --> 00:01:44,730
future.

27
00:01:44,730 --> 00:01:49,110
So if you don't really get it now just keep going through the lectures and I think it'll become much

28
00:01:49,110 --> 00:01:49,850
more clear.

29
00:01:51,140 --> 00:01:53,380
Let me show you how to configure Burp.

30
00:01:53,720 --> 00:01:59,760
So first of all I'm just going to start Burp so you can run it here from the dock or you can run burpsuite

31
00:01:59,810 --> 00:02:03,530
from the terminal.

32
00:02:03,540 --> 00:02:09,360
Now this is just telling me about some temp project I had. We're just going to click next to use a template

33
00:02:09,360 --> 00:02:15,230
project and we're going to use the defaults.

34
00:02:15,310 --> 00:02:17,270
So we have the program here.

35
00:02:17,440 --> 00:02:20,310
And as I said it's a really big suite with a lot of options.

36
00:02:20,320 --> 00:02:28,120
What we're interested in is the proxy so we can see that the proxy is set to ON and the most important

37
00:02:28,120 --> 00:02:35,760
thing now is to go on options and you'll see that the proxy is running on port 8080. OK.

38
00:02:35,900 --> 00:02:42,990
Now anything we do here is still not sent to Burp because we are not redirecting anything to it yet.
39
00:02:42,990 --> 00:02:49,770
So we need to set up this, we need to tell our web browser to send all the requests to the port that

40
00:02:49,770 --> 00:02:50,730
Burp is running on.

41
00:02:50,730 --> 00:02:52,550
So Burp is running on 8080.

42
00:02:52,920 --> 00:02:58,400
So now I'm going to go to my preferences.

43
00:02:58,540 --> 00:03:09,290
I'm going to go in advanced network settings and we're going to use manual proxy configuration and we're

44
00:03:09,290 --> 00:03:16,330
going to use port 8080 and the IP is 127.0.0.1 exactly like it's in here.

45
00:03:16,350 --> 00:03:19,380
And the options I'm going to click on.

46
00:03:19,380 --> 00:03:20,020
OK.

47
00:03:21,570 --> 00:03:30,000
And now anything I do on this web browser will be redirected to Burp before it goes to the website or

48
00:03:30,010 --> 00:03:32,680
anything I do here will be redirected to the proxy.

49
00:03:32,680 --> 00:03:36,850
I can modify all the requests and send it to the web server.

50
00:03:37,180 --> 00:03:44,080
So let's see how is this going to work so I'm going to go back here to the intercept and I'm just going

51
00:03:44,080 --> 00:03:45,430
to click on any link in here.

52
00:03:45,430 --> 00:03:53,790
So if I just go for example on the file inclusion you'll see that Burp here has intercepted a packet.

53
00:03:54,130 --> 00:03:55,990
And if we go here on the parameters

54
00:03:59,940 --> 00:04:03,090
you'll see the stuff that Burp is sending.

55
00:04:03,240 --> 00:04:07,310
So we can see that it's asking for a page called include.php.

56
00:04:07,490 --> 00:04:12,060
It's telling that the security should be low and it's sending

57
00:04:12,120 --> 00:04:14,140
PHPSESSID.

58
00:04:14,250 --> 00:04:19,440
So again on the headers you'll see all the headers that's been sent and you can modify any of these

59
00:04:19,440 --> 00:04:21,400
values by double clicking on it.

60
00:04:21,600 --> 00:04:24,240
So you can modify this, double click it, modify it.
61
00:04:24,240 --> 00:04:30,470
Hit enter and then once you're done modifying it you can click on forward and that will forward the

62
00:04:30,470 --> 00:04:34,010
packets and then the page is displayed here.

63
00:04:34,010 --> 00:04:36,140
Now we're going to be able to find these things in the future.

64
00:04:36,140 --> 00:04:41,570
So right now I'm just showing you that Burp is set up correctly and in the future we'll be modifying

65
00:04:41,570 --> 00:04:42,640
that.

66
00:04:42,650 --> 00:04:44,690
Let me just show you an example of a file upload.

67
00:04:44,710 --> 00:04:47,720
Now again if I click on file upload nothing happens.

68
00:04:47,840 --> 00:04:52,280
I have to forward it back here so you can see the values that we use and you can see the headers here

69
00:04:52,310 --> 00:04:53,040
as well.

70
00:04:53,240 --> 00:04:58,720
And I have to forward it then the website will load it here and I have to forward again.

71
00:04:58,850 --> 00:05:01,210
And as you can see now it loaded.

72
00:05:01,220 --> 00:05:04,990
So let's try to upload an image.

73
00:05:05,210 --> 00:05:10,950
And when I click on upload again you'll see that the website pauses and we can see all the stuff that

74
00:05:10,970 --> 00:05:12,140
we send in here.

75
00:05:13,140 --> 00:05:19,950
So you can see that the image name, you can see the image type and you can see all the variables that

76
00:05:19,980 --> 00:05:21,090
we insert as well.

77
00:05:21,090 --> 00:05:25,830
Again this is a POST request and usually you don't see anything in here in the URL.

78
00:05:25,890 --> 00:05:30,110
We can modify the values in here and then send them again.

79
00:05:30,120 --> 00:05:35,220
This might not make much sense now but in the future once you start learning other attacks and we'll

80
00:05:35,220 --> 00:05:36,020
be using.

81
00:05:36,210 --> 00:05:38,620
You'll see how useful this can be.
82
00:05:39,710 --> 00:05:45,980
Once you're done using Burp, because now if you, if we close Burp the browser will still try to redirect the

83
00:05:45,980 --> 00:05:48,540
packets to port 8080 where Burp was running.

84
00:05:48,740 --> 00:05:55,280
So if I try to open anything I will lose my connection because it's the proxy server is refusing connections

85
00:05:55,520 --> 00:05:57,130
because I closed Burp.

86
00:05:57,200 --> 00:06:04,650
So once you're done with Burp go back to your preferences and make sure that you use, you set up your

87
00:06:04,650 --> 00:06:06,860
proxy settings to not use a proxy.

88
00:06:06,990 --> 00:06:11,910
So advanced network settings and then go to no proxy.

89
00:06:11,940 --> 00:06:12,820
OK.

90
00:06:13,650 --> 00:06:15,630
And then you should be good to go.

91
00:06:15,630 --> 00:06:17,310
Now if I do I try again.

92
00:06:18,360 --> 00:06:20,080
The website works as well.

93
00:06:20,160 --> 00:06:26,640
So again this is going to be really handy to intercept POST, GET and bypass filters and also bypass any

94
00:06:26,640 --> 00:06:34,140
type of client side code that gets applied to the requests made by the website. In the future I'll be

95
00:06:34,140 --> 00:06:39,240
doing this very fast and once I say I'm going to use Burp you should take it that you need to start

96
00:06:39,480 --> 00:06:43,520
up and configure your browser to redirect packets to go through Burp.