Kali Linux Network Scanning Cookbook
上QQ阅读APP看书,第一时间看更新

Configuring Burp Suite on Kali Linux

Burp Suite Proxy is one of the most powerful web application auditing tools available. However, it is not a tool that can easily be started with a single click. Configurations in both the Burp Suite application and in the associated web browser must be modified to ensure that each communicates with the other properly.

Getting ready

Nothing needs to be done to initially execute Burp Suite in Kali Linux. The free version is an integrated tool, and it is already installed. Alternatively, if you choose to use the professional version, a license can be purchased at https://pro.portswigger.net/buy/.

The license is relatively inexpensive and well worth the additional features. However, the free version is still highly useful and provides most of the core functionality at no cost to the user.

How to do it…

Burp Suite is a GUI tool and requires access to the graphics desktop in order to be run. As such, Burp Suite cannot be used over SSH. There are two ways to start Burp Suite in Kali Linux. You can browse to it in the Applications menu by navigating to Applications | Kali Linux | Top 10 Security Tools | burpsuite. Alternatively, you can execute it by passing it to the Java interpreter in a bash terminal, as follows:

root@kali:~# java -jar /usr/bin/burpsuite.jar

Once Burp Suite is loaded, ensure that the Proxy listener is active and running on the desired port. In the example provided, TCP port 8080 is used. These configurations can be verified by selecting the Proxy tab and then selecting the Options tab below it as shown in the following screenshot:

Here, you will see a list of all proxy listeners. If none exist, add one. To use with the IceWeasel web browser in Kali Linux, configure the listener to listen on a dedicated port on the 127.0.0.1 address. Also, ensure that the Running checkbox is activated. After configuring the listener in Burp Suite, you will also need to modify the IceWeasel browser configurations to route traffic through the proxy. To do this, open up IceWeasel by clicking on the weasel globe icon at the top of the screen. Once open, expand the Edit drop-down menu and click on Preferences to get the following screenshot:

In the IceWeasel preferences menu, click on the Advanced options button at the top and then select the Network tab. Then, click on the Settings button under the Connection header. This will bring up the Connection Settings configuration menu as shown in the following screenshot:

By default, the proxy radio button is set to Use system proxy settings. This needs to be changed to Manual proxy configuration. The manual proxy configurations should be the same as the Burp Suite Proxy listener configurations. In the example provided, the HTTP proxy address is set to 127.0.0.1 and the port value is set to TCP 8080. To capture other traffic, such as HTTPS, click on the Use this proxy server for all protocols checkbox. To verify that everything is working correctly, attempt to browse to a website using the IceWeasel browser as shown in the following screenshot:

If your configurations are correct, you should see the browser attempting to connect, but nothing will be rendered in the browser. This is because the request sent from the browser was intercepted by the proxy. The proxy intercept is the default configuration used in Burp Suite. To confirm that the request was captured successfully, return to the Burp Suite Proxy interface as shown:

Here, you should see the captured request. To continue using your browser for other purposes, you can change the proxy configurations to passively listen by clicking on the Intercept is on button to disable it, or you can change your proxy settings in your browser back to the Use system proxy settings option and only use the manual proxy settings when using Burp.

How it works…

The initial configuration performed in Burp Suite creates a listening port on TCP 8080. This port is used by Burp Suite to intercept all web traffic and also to receive the incoming traffic returned in response. By configuring the IceWeasel web browser proxy configuration to point to this port, we indicate that all traffic generated in the browser should be routed through Burp Suite Proxy. Thanks to the capabilities provided by Burp, we can now modify the en-route traffic at will.