1 00:00:01,020 --> 00:00:01,810 Hello, everyone.
2 00:00:02,790 --> 00:00:08,160 So in this video, we are going to see what is Burp Suite and how to set up Burp Suite.
3 00:00:09,600 --> 00:00:14,610 So we are going to first learn what is Burp Suite,
4 00:00:15,840 --> 00:00:17,760 why are we going to use Burp Suite,
5 00:00:18,790 --> 00:00:26,220 what are proxy tools and the lab setup of Burp Suite for conducting further attacks.
6 00:00:29,100 --> 00:00:37,600 So before starting with Burp Suite, I would like to tell you guys that Burp Suite is a proxy tool.
7 00:00:38,400 --> 00:00:43,850 So what is a proxy and how a proxy works, we are going to see in this video.
8 00:00:45,480 --> 00:00:51,150 As you can see, on your left side is the client and on the right side is the server.
9 00:00:51,930 --> 00:00:57,270 And in between there is a proxy sitting between the client and the server.
10 00:00:57,900 --> 00:01:02,260 So the client sends a request to the server.
11 00:01:02,700 --> 00:01:09,450 There is a proxy sitting in between, which is nothing but Burp Suite, which intercepts your request.
12 00:01:09,810 --> 00:01:12,040 It also intercepts your response.
13 00:01:12,840 --> 00:01:14,550 So what does it do by intercepting?
14 00:01:15,090 --> 00:01:22,320 Intercepting generally means whenever the client is sending a request, it will first go to the proxy,
15 00:01:23,560 --> 00:01:24,660 that is the Burp Suite.
16 00:01:24,990 --> 00:01:33,060 And then when the interception is turned off, the request will go further to the server. Similarly,
17 00:01:33,240 --> 00:01:36,330 when the server is sending a response back to the client,
18 00:01:36,720 --> 00:01:44,970 the proxy, which is the Burp Suite, will capture the response and when we do intercept off, it will come
19 00:01:44,970 --> 00:01:46,530 back to the client browser.
20 00:01:46,890 --> 00:01:50,100 So this is how a basic proxy works.
21 00:01:50,760 --> 00:01:59,730 It sits in between the client and the server and it sees whatever data is passing through in the request
22 00:01:59,880 --> 00:02:02,160 or in the form of the response.
23 00:02:04,850 --> 00:02:10,100 You can also call a proxy a man-in-the-middle attack. Why?
24 00:02:11,570 --> 00:02:20,900 Because the proxy is basically sitting between your computer and the server, so your data has been passing
25 00:02:20,920 --> 00:02:26,570 to someone else and that someone else is your proxy and that someone else is Burp Suite.
26 00:02:26,990 --> 00:02:29,720 So your data is going to pass through Burp Suite.
27 00:02:30,110 --> 00:02:34,870 So you can also call this a MITM attack, that is, man-in-the-middle attack.
28 00:02:36,020 --> 00:02:36,600 Perfect.
29 00:02:37,610 --> 00:02:44,440 So after understanding how a proxy works, let's see how we can do the Burp Suite lab setup.
30 00:02:45,350 --> 00:02:54,440 So we are going to first see how we can set up Burp Suite and then how we can configure Burp Suite with our
31 00:02:54,440 --> 00:02:58,850 browser, and after that, how we are going to do a proxy setup.
32 00:02:59,360 --> 00:03:03,080 And then last we'll see how we can attack.
33 00:03:03,710 --> 00:03:12,290 So it's the practical time, time to practice, and let's see the practical setup of Burp Suite. For setting
34 00:03:12,290 --> 00:03:12,740 up Burp Suite,
35 00:03:12,740 --> 00:03:14,620 you would require two things.
36 00:03:15,050 --> 00:03:16,610 The first thing is a browser.
37 00:03:18,830 --> 00:03:21,450 And the second thing is Burp Suite itself.
38 00:03:21,890 --> 00:03:30,530 So for the browser, I prefer Mozilla Firefox, the latest version. You can also install
39 00:03:30,530 --> 00:03:31,790 Mozilla Firefox.
40 00:03:34,100 --> 00:03:41,750 We are not going to use Google Chrome, Safari or Internet Explorer because of some type of compatibility
41 00:03:41,780 --> 00:03:49,880 issues when we are setting a proxy. That is why we will only prefer Firefox as our main browser for
42 00:03:50,120 --> 00:03:52,020 conducting all types of attacks.
43 00:03:52,670 --> 00:04:00,680 So after a successful installation of Mozilla Firefox, or if you already have it installed, you just
44 00:04:00,680 --> 00:04:04,760 have to go and search for Burp Suite on Google.
45 00:04:07,340 --> 00:04:11,810 After you search for Burp Suite, there will be the first link of portswigger.net.
46 00:04:12,740 --> 00:04:14,900 You have to just click on that, as you can see.
47 00:04:14,930 --> 00:04:16,580 Welcome to the family.
48 00:04:17,060 --> 00:04:18,440 There would be a last option.
49 00:04:18,590 --> 00:04:20,730 That is Community Edition.
50 00:04:21,050 --> 00:04:26,930 So basically, there are Enterprise and Professional editions also, but those are paid editions.
51 00:04:27,120 --> 00:04:31,940 So we are going to use the free edition, so just click on Get the Community.
52 00:04:35,490 --> 00:04:41,970 After clicking on there, you will see there is "download the latest version", so you can navigate here
53 00:04:41,970 --> 00:04:44,550 and click on "download the latest version".
54 00:04:45,450 --> 00:04:53,490 After clicking on this, you can choose the required Burp Suite release version for your computer.
55 00:04:54,150 --> 00:04:56,370 If you're using Linux, you can choose Linux.
56 00:04:56,370 --> 00:04:58,920 If you're using macOS, you can use macOS.
57 00:04:59,310 --> 00:05:01,890 If you're using Windows, then you can use Windows.
58 00:05:03,090 --> 00:05:10,380 If you want a compatible version which can run on all the versions of your operating system, you can
59 00:05:10,380 --> 00:05:14,250 download a version which can run through Java.
60 00:05:14,970 --> 00:05:21,030 So in my case, I'm running on an Apple macOS, so I'm going to download macOS.
61 00:05:24,690 --> 00:05:32,700 And I will hit on download. As you can see, it is of around 180 MB for my operating system; it will
62 00:05:32,710 --> 00:05:34,260 vary for your computers.
63 00:05:34,680 --> 00:05:40,920 You just have to save the file and click on OK. I have already downloaded, so I'm not going to download
64 00:05:40,920 --> 00:05:41,360 it again.
65 00:05:43,140 --> 00:05:43,690 Perfect.
66 00:05:44,370 --> 00:05:52,560 So now after downloading, you just have to start it and install it. Installation steps are very simple.
67 00:05:52,560 --> 00:05:55,950 You just have to do a couple of next, next, next and finish,
68 00:05:56,310 --> 00:06:01,430 and it will get installed for Windows-based computers. For macOS computers,
69 00:06:01,440 --> 00:06:06,330 you just have to double-click it, drag it into your Applications folder and it will get installed.
70 00:06:08,190 --> 00:06:13,230 For Linux computers, the steps are the same as for the Windows computer: you have to do a couple of
71 00:06:13,230 --> 00:06:17,500 next and then finish. As soon as you have installed,
72 00:06:17,520 --> 00:06:24,110 you can see this is the Burp Suite splash screen, where Burp Suite will start.
73 00:06:24,130 --> 00:06:28,380 So I'm just going to press Next and then one more, the Start
74 00:06:28,380 --> 00:06:29,460 Burp button.
75 00:06:29,910 --> 00:06:32,900 As soon as you click on Start Burp, Burp Suite will start.
76 00:06:33,120 --> 00:06:36,470 And this is the first look of Burp Suite, how it looks.
77 00:06:37,320 --> 00:06:40,830 This is basically the way that you are going to use a lot.
78 00:06:41,400 --> 00:06:44,700 So you should get familiar with this user interface.
79 00:06:46,550 --> 00:06:52,370 So as you can see, there are a couple of tabs at the top: there is Burp, Intruder, Repeater, Window,
80 00:06:52,370 --> 00:06:59,480 Help. Then there are a couple of tabs over here; we are going to use most of the tabs in our
81 00:06:59,480 --> 00:07:00,050 attacks.
82 00:07:01,010 --> 00:07:06,390 So the first and very important is the Proxy tab that you have to configure.
83 00:07:06,860 --> 00:07:11,000 So I will quickly go onto the Proxy tab; I will just click on it.
84 00:07:11,540 --> 00:07:17,120 After clicking on this tab, you can see there are further more tabs, four sub-tabs.
85 00:07:17,120 --> 00:07:19,490 You can see first is Intercept.
86 00:07:19,490 --> 00:07:23,210 Second is HTTP history, third is WebSocket history.
87 00:07:23,210 --> 00:07:24,710 And the last one is Options.
88 00:07:25,610 --> 00:07:29,960 As you can see, I am on the first sub-tab, that is Intercept. Again,
89 00:07:29,960 --> 00:07:32,000 there are more things over here.
90 00:07:32,360 --> 00:07:35,750 Forward, Drop, Intercept is on and Action.
91 00:07:36,590 --> 00:07:38,520 All the three are disabled right now.
92 00:07:38,600 --> 00:07:41,990 Only this one is enabled and it is on. Intercept
93 00:07:41,990 --> 00:07:48,680 on basically means whenever a request is going from your computer to any server, you can capture that
94 00:07:48,680 --> 00:07:52,610 request in Burp Suite and see whatever is going to the server.
95 00:07:53,090 --> 00:07:59,120 Similarly, whatever is coming from the server can be captured in Burp Suite and you can see the response
96 00:07:59,130 --> 00:08:04,780 also. We are going to use this in the later parts of the video.
97 00:08:05,000 --> 00:08:07,850 For now, we'll just quickly set up our Burp Suite.
98 00:08:10,270 --> 00:08:16,960 So I will just turn this off and I will go into the last option. I will just show you what is the next
99 00:08:16,960 --> 00:08:24,460 history, HTTP
history, that just takes all the history of whatever you're running on your
100 00:08:24,460 --> 00:08:25,030 browser.
101 00:08:25,450 --> 00:08:29,560 Similarly, WebSocket history contains any WebSocket connections ever made.
102 00:08:30,610 --> 00:08:35,740 Not relevant for us right now. For the start, we will quickly move on to the Options
103 00:08:35,750 --> 00:08:41,770 tab, where you can see that the first thing is Proxy Listeners.
104 00:08:42,250 --> 00:08:48,760 You just have to select the proxy and you have to click on Edit.
105 00:08:50,140 --> 00:08:54,970 So my proxy is a loopback IP and is 127.0.0.1.
106 00:08:55,630 --> 00:08:58,180 And there is a port number, that is 8080.
107 00:08:59,320 --> 00:09:02,820 The application by default will run on port 8080.
108 00:09:03,700 --> 00:09:11,470 But I want to change this port because maybe on some computers there may be some service running on
109 00:09:11,470 --> 00:09:19,960 8080, because sometimes the developers use this port number to test some
110 00:09:19,960 --> 00:09:21,810 of their demo applications.
111 00:09:22,180 --> 00:09:25,020 So this may give some problems.
112 00:09:25,540 --> 00:09:30,790 So just to avoid that, we are going to change the port number and stay on the safe side.
113 00:09:32,110 --> 00:09:35,680 So we are going to make the port number 8081 and click on
114 00:09:35,680 --> 00:09:43,120 OK. So we have successfully changed the port number and you can see there is a tick mark on Running,
115 00:09:43,120 --> 00:09:45,550 which means our proxy is running successfully.
116 00:09:47,490 --> 00:09:54,030 After setting this up, I will just go back to the Intercept tab and now I'm going to
117 00:09:54,030 --> 00:09:55,500 go to the Firefox browser.
118 00:09:56,550 --> 00:10:02,970 Now it is time to configure the browser because we have already configured Burp Suite. In the browser,
119 00:10:02,970 --> 00:10:09,570 You have to click on these three dots at the top right and you have to move to the Preferences tab.
120 00:10:10,380 --> 00:10:12,030 For Windows-based computers,
121 00:10:12,040 --> 00:10:16,040 it will be named as Options. For Linux and macOS users,
122 00:10:16,050 --> 00:10:17,640 it is named as Preferences.
123 00:10:19,640 --> 00:10:22,670 After going in Preferences, you have to search for proxy.
124 00:10:24,050 --> 00:10:28,910 You have to type "proxy" and you'll be able to see there is an option called Settings.
125 00:10:29,400 --> 00:10:33,430 I just have to click on Settings and there are four options over here.
126 00:10:34,070 --> 00:10:40,300 The first option is no proxy, then auto-detect proxy, use system proxy and manual proxy.
127 00:10:40,760 --> 00:10:43,090 So you have to choose the last option,
128 00:10:43,100 --> 00:10:50,000 that is the manual proxy, and you have to configure the proxy or whatever and the port number over here.
129 00:10:50,780 --> 00:10:54,940 Remember, you have to put the port number that you have selected in Burp Suite.
130 00:10:55,400 --> 00:10:57,680 So I have selected 8081.
131 00:10:57,890 --> 00:11:03,740 So I'm going to type it in. You can take any number that you want and you can configure it in
132 00:11:03,740 --> 00:11:04,490 Burp as well.
133 00:11:04,490 --> 00:11:11,000 Like, for example, you can configure port number 1234 in Burp Suite as well as
134 00:11:11,000 --> 00:11:13,420 1234 in your browser.
135 00:11:15,200 --> 00:11:22,520 After setting this port number and the loopback IP, you have to click this, you have to check this, that
136 00:11:22,520 --> 00:11:24,860 "use this proxy for FTP and HTTPS".
137 00:11:25,010 --> 00:11:30,950 Also remember that it is important that you check this option.
138 00:11:35,880 --> 00:11:41,370 Then you have to click on OK, and now we are going to test whether our browser is successfully configured
139 00:11:41,370 --> 00:11:49,350 with Burp Suite or not. So for that we just have to open a new tab and type http://burp
140 00:11:49,470 --> 00:11:56,220 and enter. If you are able to see the screen, which is a green screen, then it means
141 00:11:56,220 --> 00:11:58,170 your Burp is successfully configured.
142 00:12:01,350 --> 00:12:01,890 Perfect.
143 00:12:01,950 --> 00:12:12,070 So Burp is configured. Now we have to install a CA certificate into our browser to make Burp capture
144 00:12:12,100 --> 00:12:12,840 the requests.
145 00:12:13,350 --> 00:12:18,840 So for this, you just have to click on this CA Certificate, and then you have to save the certificate.
146 00:12:22,320 --> 00:12:27,960 After saving, you can see I have already downloaded 12 times, so this is the 12th download that has
147 00:12:27,960 --> 00:12:29,290 happened on my computer.
148 00:12:30,720 --> 00:12:39,450 Now I will again go to the Preferences or Settings, you can see, and I will search for "cert" as we have
149 00:12:39,450 --> 00:12:40,830 to install the certificate here.
150 00:12:41,130 --> 00:12:46,730 I will click on View Certificates and in the Authorities tab,
151 00:12:46,740 --> 00:12:52,890 that is the last tab, I have to go to the Import button at the bottom, as you can see over here.
152 00:12:59,030 --> 00:13:03,600 I will see the path of the certificate; the certificate is over here.
153 00:13:05,630 --> 00:13:11,840 I will just click on Import and I'm going to search for the certificate that I have downloaded.
154 00:13:13,160 --> 00:13:16,760 I have downloaded cert 12, so I will just import that.
155 00:13:17,510 --> 00:13:20,360 And you can see in my computer it is already installed.
156 00:13:20,360 --> 00:13:22,880 So the same certificate is already installed.
157 00:13:23,360 --> 00:13:29,090 But in your computer, if you are configuring this for the first time, it will ask you, do you
158 00:13:29,090 --> 00:13:30,260 trust the certificate?
159 00:13:30,950 --> 00:13:33,320 Then you have to check the box twice.
160 00:13:33,500 --> 00:13:40,130 There will be two check boxes; you have to tick both the check boxes, which
161 00:13:40,130 --> 00:13:48,800 means you trust that certificate, and you have to press Enter. As I have already done that, I don't
162 00:13:48,800 --> 00:13:49,820 have to do that again.
163 00:13:50,090 --> 00:13:52,740 And the certificate is already installed on my computer.
164 00:13:53,120 --> 00:13:53,690 Perfect.
165 00:13:57,490 --> 00:14:04,330 Now, our most successful configuration has been done, and let's verify if we are able to intercept
166 00:14:04,330 --> 00:14:04,870 or not.
167 00:14:05,710 --> 00:14:13,500 So I will just go into my Burp and click on Intercept on and I'm going to search for google.com.
168 00:14:15,280 --> 00:14:16,300 There is an error.
169 00:14:16,300 --> 00:14:17,320 Let me verify.
170 00:14:18,010 --> 00:14:20,070 The proxy is running perfectly fine
171 00:14:20,090 --> 00:14:23,820 in Burp. Let me see into my settings of the browser.
172 00:14:24,280 --> 00:14:26,670 Let me search for proxy and you can see.
173 00:14:27,040 --> 00:14:27,480 Yep.
174 00:14:27,700 --> 00:14:29,470 So I missed checking this.
175 00:14:29,470 --> 00:14:31,310 As I said, it is very important.
176 00:14:31,450 --> 00:14:32,010 Let me hit
177 00:14:32,020 --> 00:14:34,240 OK, and let me try to reload this.
178 00:14:34,810 --> 00:14:38,560 Let me go to Burp and check if it is working fine.
179 00:14:38,560 --> 00:14:40,540 And you can see it is working fine.
180 00:14:40,960 --> 00:14:46,620 I have got the request of google.com into my computer as I made a request on my browser.
181 00:14:46,630 --> 00:14:49,870 I have captured the request in Burp Suite, which is the proxy.
182 00:14:50,380 --> 00:14:53,500 Now, as you can see, there are these options:
183 00:14:53,770 --> 00:15:00,430 Forward, Drop and Action. As you must have understood, Forward means to forward this request that I've
184 00:15:00,430 --> 00:15:01,960 captured to the server.
185 00:15:02,860 --> 00:15:08,650 Drop means drop the request, and in between the request will just die. And Action
186 00:15:08,650 --> 00:15:10,660 we are going to see in further videos.
187 00:15:11,210 --> 00:15:14,290 So for now, I'm going to make it Forward.
188 00:15:14,480 --> 00:15:20,050 So the request will go to the server and the server is going to send the response back to the computer.
189 00:15:21,460 --> 00:15:27,040 So let me just search for Batman going batsuit and then hit enter over here.
190 00:15:27,310 --> 00:15:31,750 The request must have passed through the proxy and we have captured the request
191 00:15:31,750 --> 00:15:34,490 in Burp Suite. Let's go to Burp Suite.
192 00:15:34,510 --> 00:15:39,910 And this is the most helpful feature of Burp Suite: built in at the bottom,
193 00:15:39,910 --> 00:15:42,160 as you can see, there is a search bar.
194 00:15:42,790 --> 00:15:46,540 You can just search for anything in your request that has been going.
195 00:15:47,110 --> 00:15:54,700 So I'm just going to search for Batman and this will automatically show if it matches in this request.
196 00:15:55,210 --> 00:15:58,300 So Batman is not matching, as you can see, zero matches.
197 00:15:59,650 --> 00:16:01,240 I'm going to forward this request.
198 00:16:01,250 --> 00:16:01,960 Perfect.
199 00:16:02,410 --> 00:16:07,180 As you can see, Batman is matching at two places and you can see two matches found.
200 00:16:07,720 --> 00:16:11,020 So I'm just going to replace Batman with Superman.
201 00:16:12,190 --> 00:16:19,630 In the request. So I've changed this, and after changing, I will just forward this request, do intercept
202 00:16:19,630 --> 00:16:23,130 off and go to my browser.
203 00:16:23,740 --> 00:16:29,830 As now you can see, I searched for Batman through my browser.
204 00:16:30,220 --> 00:16:37,030 But when the request came to my proxy, that is Burp Suite, I modified the request to Superman.
205 00:16:37,750 --> 00:16:43,990 This was a very basic example of how you can capture your request and how you can modify your request.
206 00:16:44,680 --> 00:16:47,170 Similarly, we can modify our responses
207 00:16:47,170 --> 00:16:51,250 that are coming from the server; that we will see in the videos.
208 00:16:51,430 --> 00:16:54,880 We will do an attack for response manipulation.
209 00:16:55,880 --> 00:17:01,110 I hope you guys understood how to set up Burp Suite on your computer.
210 00:17:01,930 --> 00:17:05,430 If you have any doubt, you can post your doubts in the discussion section.
211 00:17:05,800 --> 00:17:08,170 I will help you guys with how to set up Burp Suite.
212 00:17:08,950 --> 00:17:09,520 Thank you.