You have the option of providing the username and password that Burp Scanner should use while scanning your website if it employs a traditional login system comprised of a username and a password. By providing a legitimate login and password, Burp Scanner can log in to the website and examine material normally restricted to authorized users only.
Going forward in this article, we will talk about how to login password with Burp Suite!
What Is A Burp Suite?
During a penetration test, the pen testers carry out a variety of assaults, such as making use of existing vulnerabilities, using open or unsecured services or protocols, and exploiting any gaps in the system’s access restrictions. This post will look at another attack that may be performed during pen testing called “brute forcing” a login page.
An assault, known as “brute force”, involves making several guesses about an unknown variable. The process of guessing may include employing random words or string combinations, or it may involve taking a more focused approach by using prior information about the programme, system, firm, or person being targeted.
The use of brute force in assaults is not limited to only trying usernames and passwords, as has been shown in this blog. Several well-known open-source brute force programmes, such as Hydra and Ncrack, are fantastic for brute-forcing access through various protocols, including SSH and RDP.
Some examples of these protocols are SSH and RDP. For this example, we chose Burp Suite since it is better suited to performing brute force attacks on the login page of a web application. We employ the same tools and methods that attackers use to give you the most accurate findings possible on your environment’s level of security.
How To Set Up Burp Suite As A Web Proxy?
Burp is intended to be used concurrently with your web browser. It performs the job of an HTTP proxy server, which means that Burp is the one that sees all of the HTTP and HTTPS traffic coming from your browser. Select the Proxy tab in Burp, and after doing so, check to verify that the Intercept is on option has not been disabled in any way. This will guarantee that Burp’s proxy listener is operational.
Proceed to the next step, setting up your browser to utilise Burp Proxy listener as its HTTP proxy server. To do this, modify the settings for the proxy server in your browser to use the proxy host address (127.0.0.1) and port number 8080 for both the HTTP and HTTPS protocols. In this example, Burp Suite is being run in Kali. Because Kali uses Firefox as its default web browser, launch Firefox and go to the Preferences menu. Select the Network tab, then click Settings after clicking the Advanced button.
Select the radio box for the Manual proxy setup option. In the HTTP Proxy area, enter 127.0.0.1, and in the Port field, enter 8080. Use this proxy server for all protocols. Remove anything labelled “No proxy for” and choose the OK button.
Assuming everything was set up correctly, all your HTTP and HTTPS traffic should be routed via Burp. When you go to a website, the Proxy tab in Burp will become orange, and it will keep the Request it receives until you tell it what to do with it. This happens automatically whenever you visit a website. You can now turn off the Intercept and only activate it when it is required of you in the future.
How To Brute Force Login Page?
Imagine that you are doing a penetration test on your customer’s website, and you come across a Joomla! Administrator interface. What would you do? You will have complete power over the website if you successfully break into the admin account via brute force. Launch Burp and ensure the intercept feature is turned on before attempting to brute force the login page.
Step 1: Fire Up Kali and DVWA
Let’s start by booting up Kali and launching DVWA on another computer or virtual machine. Next, launch Burp Suite. You will first be presented with a screen like the one below. In the Community Edition, a “Temporary Project” is the only kind of project that may be created.
Just go on to the next step. Next, click the “Start Burp” button and pick the “Use Burp Defaults” option. After that, we have to activate the Intercept by going to the Proxy tab and clicking on it. This is how BurpSuite can monitor and steal information from traffic going to and coming from a server.
Step 2: Launch your preferred web browser
Now launch your web browser and configure it to work with the proxy you created before. To configure your network connections in Mozilla’s Firefox, go to Preferences > Network Connections. There is a window located in that area. Configure it to query from your browser to 127.0.0.1 on port 8080. It would be best if you chose OK from the menu for the browser to remember your changed preferences.
Step 3: Using the browser you have chosen, visit the DVWA website
Let’s open your web browser and go to the IP address of the Metasploitable system or the OWASP Broken Web Apps VM after your target system is up and running and ready to be exploited. Navigate to the Damn Vulnerable Web App from any of your systems (DVWA). Once you reach that location, pick DVWA to bring up a screen where you may log in.
Step 4: Take a Look at the Request to login
Ensure that the Burp Suite Proxy intercept and the proxy settings in your browser are on before providing the login credentials. This should be done before delivering the credentials. After that, when you send in the Request, the proxy will pick it up and process it. Send the Request to the Burp Suite Intruder as the fifth step.
After that, we must forward this Request to the Burp Suite Intruder. Select “Send to Intruder” from the context menu when you right-click anywhere on this screen. The BurpSuite Intruder will become available after you do this.
The IP address of the target will be shown on the first screen that Intruder presents to you. This information was obtained from the Request that was intercepted and analysed by it. Make the necessary corrections here if it is incorrect. Please note that it operates on the assumption that port 80 is being used.
Again, if you’re trying authentication on a different port or service, you’ll need to modify it here; nevertheless, BurpSuite will often get it correctly. Next, choose the “Positions” tab by clicking on it. It will highlight the fields it thinks are necessary to employ to break through this authentication form.
Step 5: Set Attack Type
Now it’s time to choose the right sort of assault. BurpSuite Intruder includes the following four categories of attacks:
A solitary collection of payloads aims for each payload and then positions each payload in the appropriate spot.
- Cluster Bombs
Several different payload settings. There are distinct payload set configurations for each available location.
- The pitchfork
Several different payload settings. There are distinct payload set configurations for each available location. It concurrently works its way through each payload set as it iterates.
- Battering Ram
A solitary collection of payloads It just utilises one payload set and cycles it through all of the available positions.
Check out the documentation with the Burp Suite for a more in-depth analysis of the differences between these payloads.
Step 6: Setting the Payloads
Now, it’s time to configure the payload that we specified before. These are the territories that will come under invasion from Intruder. Choose Payload Set #1, then input some specific passwords, such as “admin,” “guest,” “system admin,” “sys,” “root,” “password,” etc.
Afterwards, we must choose the “Start Attack” button in the screen’s top right corner.