1
00:00:01,440 --> 00:00:02,210
Welcome back.

2
00:00:03,090 --> 00:00:09,200
We performed the set up of our Burset took, now let's see what we can do with it.

3
00:00:09,750 --> 00:00:16,920
First thing that you will notice after the setup is that if you have burps it off, you will not be

4
00:00:16,920 --> 00:00:19,260
able to visit any website at all.

5
00:00:20,210 --> 00:00:27,380
Let me show you what I mean, for example, currently I don't have anything open, and if I go to my

6
00:00:27,380 --> 00:00:28,070
Firefox.

7
00:00:29,310 --> 00:00:32,729
And try to visit the page like Facebook dot com.

8
00:00:33,980 --> 00:00:41,780
We get this after the proxy server is refusing connections, and this is due to our burset not being

9
00:00:41,780 --> 00:00:43,940
started at this very moment.

10
00:00:44,570 --> 00:00:51,020
Now, you can always remove Burset as proxy, if you'd like, by doing the same steps of going to proxy

11
00:00:51,020 --> 00:00:52,880
settings right here.

12
00:00:55,610 --> 00:01:01,070
Let me scroll all the way down to the network settings and under the proxy settings, all you want to

13
00:01:01,070 --> 00:01:07,500
do is to remove the suit and make your Firefox run, as usual, is to select no proxy right here.

14
00:01:07,860 --> 00:01:11,450
However, right now, we do want to have it as a proxy.

15
00:01:11,460 --> 00:01:18,290
So let's just start our website by going to our terminal and typing it.

16
00:01:19,190 --> 00:01:22,490
Let's wait for a couple of seconds for it to start up.

17
00:01:23,090 --> 00:01:29,120
And while it's starting, let's also start our own SPW, a virtual machine.

18
00:01:30,110 --> 00:01:35,100
Well, let's click on temporary project use defaults and start.

19
00:01:36,620 --> 00:01:43,640
OK, so this is our window, we already saw it from the previous video and in this video, let's start

20
00:01:43,640 --> 00:01:48,220
off by checking that intercept option that we saw in the last video.

21
00:01:49,040 --> 00:01:57,080
So by default, once you open it intercept, which we can find under the proxy tab, will automatically

22
00:01:57,080 --> 00:01:59,060
be on, as we can see right here.

23
00:01:59,810 --> 00:02:05,400
And this will always be navigated under the proxy tab and under the intercept tab.

24
00:02:06,110 --> 00:02:08,900
But what does this intercept option even mean?

25
00:02:09,440 --> 00:02:10,509
Well, it's simple.

26
00:02:10,789 --> 00:02:17,460
It will intercept every single HTP request that we try to send, and it will block it right here.

27
00:02:18,050 --> 00:02:20,160
It won't forward it or drop it.

28
00:02:20,180 --> 00:02:23,400
It will ask us what we want to do with it instead.

29
00:02:24,140 --> 00:02:25,550
Let me show you how it looks like.

30
00:02:25,970 --> 00:02:34,970
For example, once we have intercept off, if we turn it off, we can normally visit a page like Facebook

31
00:02:35,300 --> 00:02:35,890
dot com.

32
00:02:36,650 --> 00:02:38,830
As you can see, it will load everything.

33
00:02:38,870 --> 00:02:41,310
Normally, there will be no problems.

34
00:02:41,330 --> 00:02:45,620
It might work a little bit slower because we're going through it, but nonetheless, it will load the

35
00:02:45,620 --> 00:02:46,000
page.

36
00:02:46,730 --> 00:02:54,800
But if we try to reload the page with intercept being on, let's turn it on and let's click on this

37
00:02:54,800 --> 00:02:55,610
reload button.

38
00:02:58,000 --> 00:03:05,170
We intercept and HTP request, and this is the request that we're trying to send, here it is, we are

39
00:03:05,170 --> 00:03:10,250
performing I get request on host Facebook dot com.

40
00:03:11,140 --> 00:03:13,990
This request didn't reach its destination yet.

41
00:03:13,990 --> 00:03:16,810
And we can confirm that by going to Firefox.

42
00:03:17,410 --> 00:03:20,410
And as we can see, our page is not loading.

43
00:03:21,350 --> 00:03:27,290
Instead, it seems as if it's still reloading, as we can see right here on our tap.

44
00:03:28,240 --> 00:03:34,690
That is because it is waiting for us to choose what we want to do with this request, and we do have

45
00:03:34,690 --> 00:03:41,970
some options right here, we can either forward the request or we can drop it and not send it at all.

46
00:03:42,670 --> 00:03:50,080
But we also have this action button right here that gives us multiple options as to what we can do with

47
00:03:50,080 --> 00:03:56,110
this request, such as send to sequencer sent to intruder's sent to repeater.

48
00:03:56,440 --> 00:04:00,460
And these options are something that we will talk about in the next video.

49
00:04:00,790 --> 00:04:05,020
But for now, let's see what happens once we forward this request.

50
00:04:06,140 --> 00:04:07,730
Let's press forward.

51
00:04:08,630 --> 00:04:11,390
Hmmm, another request comes in.

52
00:04:12,320 --> 00:04:12,710
Why?

53
00:04:13,250 --> 00:04:19,220
Well, usually when you visit a website, you don't just perform one single request, it is multiple

54
00:04:19,220 --> 00:04:24,730
requests to multiple pages that once they are sent, we get to load this Facebook page.

55
00:04:25,280 --> 00:04:28,820
In this case, our Facebook page does appear to be loaded.

56
00:04:28,910 --> 00:04:35,120
As we can see right here, it's no longer loading, but we must also forward all of the incoming requests

57
00:04:35,120 --> 00:04:35,560
as well.

58
00:04:35,570 --> 00:04:37,370
So let's do that real fast.

59
00:04:38,340 --> 00:04:41,340
Let's forward every single request that we get.

60
00:04:42,560 --> 00:04:48,560
And that should be about --'s there were a lot of them, but now we can see no requests are being sent

61
00:04:48,560 --> 00:04:49,060
anymore.

62
00:04:50,280 --> 00:04:55,230
Now, you might have a couple of them coming every couple of seconds right here, as we can see here,

63
00:04:55,350 --> 00:05:01,230
one that came a couple of seconds late, and this will depend on which page you're trying to load.

64
00:05:01,260 --> 00:05:05,160
So a couple of requests might come every couple of seconds.

65
00:05:05,160 --> 00:05:10,110
As we can see, even though we forwarded this one, another one might come in just a couple of seconds.

66
00:05:10,110 --> 00:05:11,070
And here it is.

67
00:05:12,120 --> 00:05:18,570
Now, another thing that we can do, for example, is to modify our request, let's turn our intercept

68
00:05:18,570 --> 00:05:20,820
off for a second.

69
00:05:21,570 --> 00:05:27,590
Let's go to our Firefox and let's first check what is the IP address of our always machine.

70
00:05:27,600 --> 00:05:30,630
It is one attitude, 168 at one point five in my case.

71
00:05:31,380 --> 00:05:32,760
Let me visit it.

72
00:05:34,530 --> 00:05:37,620
And let's, for example, go right here.

73
00:05:38,780 --> 00:05:40,580
To the TV W8.

74
00:05:41,450 --> 00:05:48,980
And if we turn our intercept on and for example, we try to submit test username and password.

75
00:05:49,940 --> 00:05:55,640
We intercept the request right here, we can see we are trying to perform a post request on this page

76
00:05:55,820 --> 00:06:01,660
because we are actually sending some data inside of a form which in this case is username and password.

77
00:06:01,970 --> 00:06:07,860
And here we can see test and test to be the username and password.

78
00:06:08,540 --> 00:06:11,000
Now, if we want, we can change this data.

79
00:06:11,000 --> 00:06:16,280
We can, for example, type test one, two, three, and we can forward our packet.

80
00:06:16,850 --> 00:06:18,740
Let's forward this one as well.

81
00:06:18,740 --> 00:06:19,700
And this one.

82
00:06:20,480 --> 00:06:23,700
And if I go right here, it will tell us login failed.

83
00:06:23,720 --> 00:06:27,680
So that is incorrect password and also incorrect username.

84
00:06:28,160 --> 00:06:34,550
Now let me turn intercept off and just so I can show you the changing of certain things in an HTP request

85
00:06:34,550 --> 00:06:34,970
works.

86
00:06:35,690 --> 00:06:41,700
Let me tell you that the username and password for this BBWAA page is admin and admin.

87
00:06:42,200 --> 00:06:46,690
So once you type admin and admin, click on login, you will successfully log into this page.

88
00:06:47,300 --> 00:06:51,640
But let's try to turn on intercept, right?

89
00:06:51,650 --> 00:06:55,760
Incorrect username and password, which is once again test and test.

90
00:06:56,240 --> 00:07:02,540
And let's try to modify it right here to the correct username and correct password just so we can see

91
00:07:02,540 --> 00:07:04,120
whether we manage to login.

92
00:07:04,910 --> 00:07:10,370
So admin, admin, we forward the request and lets forward other requests as well.

93
00:07:10,910 --> 00:07:14,420
And now you can see that we managed to log in to this page.

94
00:07:15,200 --> 00:07:15,650
Awesome.

95
00:07:16,520 --> 00:07:18,810
This is the power of intercepting the requests.

96
00:07:19,340 --> 00:07:25,040
Now, did we explore this option in the next video, we're going to take a look at some other possibilities

97
00:07:25,040 --> 00:07:25,720
with Burset.

98
00:07:26,240 --> 00:07:26,830
See you there.