In this tutorial I’ll tell you about some basic s of HTTP proxy in
the WebScarab. HTTP Proxy is very useful when you have to do the
Vulnerability assessment of web application, it allows you to record the
whole request data packet and respond data packet and after that you
can analyze the incoming and outgoing data through HTTP Proxy.
In this tutorial we basically focus on WebScarab, although there are numerous tools in market (e.g. Paros, Burp etc). First-of-all you have to start the WebScarab, by default the listening port is 8008 but you can change also and other settings that you have to do are shown below:
We’ll also need to configure our browser so that our communication is pointed through the proxy. In recent versions of Firefox the path should be Tools >> Options >> Advanced Tab >> Network Tab >> Settings. Once there you’ll need to highlight “Manual proxy configuration”, then for “HTTP Proxy” type in “localhost” and for port use 8008. You’ll also need to do this for the SSL proxy if the web application uses SSL, as shown in fig:
This tutorial is going to show how WebScarab can walk through web application provided by Foundstone, Following figure shows the login page for this application.
I have already created an account within the application with the username “hacker” and a password of “passwd”. So with WebScarab already running in the background I am going to login to facebook. If you are on the summary tab within WebScarab you will notice requests and responses filling up rows in the bottom pane. WebScarab is logging all communication between you and the web server, this includes all images, CSS files, Javascript files, parameters, etc. The top pane of the summary tab shows you a directory structure of your history through the web application. This summary tab can be seen in Fig.
You can see in Fig that Webscarab has intercepted both the username “hacker” and password “passwd”. A HTTP proxy is able to see the password even though each character was replaced by an asterisk within the application. At this point you could accept the request or manipulate the parameters. You could try to login as someone at this point even though you initially typed in a different username and password. With a HTTP proxy you could manipulate any request / response not just the login process.
In this tutorial we basically focus on WebScarab, although there are numerous tools in market (e.g. Paros, Burp etc). First-of-all you have to start the WebScarab, by default the listening port is 8008 but you can change also and other settings that you have to do are shown below:
We’ll also need to configure our browser so that our communication is pointed through the proxy. In recent versions of Firefox the path should be Tools >> Options >> Advanced Tab >> Network Tab >> Settings. Once there you’ll need to highlight “Manual proxy configuration”, then for “HTTP Proxy” type in “localhost” and for port use 8008. You’ll also need to do this for the SSL proxy if the web application uses SSL, as shown in fig:
This tutorial is going to show how WebScarab can walk through web application provided by Foundstone, Following figure shows the login page for this application.
I have already created an account within the application with the username “hacker” and a password of “passwd”. So with WebScarab already running in the background I am going to login to facebook. If you are on the summary tab within WebScarab you will notice requests and responses filling up rows in the bottom pane. WebScarab is logging all communication between you and the web server, this includes all images, CSS files, Javascript files, parameters, etc. The top pane of the summary tab shows you a directory structure of your history through the web application. This summary tab can be seen in Fig.
Webscarab Summary Tab
Now a summary of your history is neat but that only scratches the
surface of Webscarab’s functionality. One of the best functions of a
HTTP proxy is the ability to intercept requests on the fly or replay
those requests at a later time. In order to intercept requests /
responses make sure you have checked the “Intercept requests” /
“Intercept responses” checkboxes in the Proxy >> Manual Edit tab.
These settings can be seen in Fig.
Webscarab Intercept Settings
You may be wondering why you would want to intercept or repeat a HTTP
request / response. The simple answer is to learn more about what a
website is doing with your input (e.g. SSN, credit card, personal
information). Application security folks, developers, or curious people
may want to understand more about the web application they’re using.
Intercepting a request / response will allow you to see and manipulate
communication being sent back and forth. Application security analysts
like to replay requests over and over again with different inputs to see
what the application will allow as input. This will give security
analysts an idea of how secure the application is. Had we intercepted
the login process you would have seen the inputs for username and
password being sent to the web server. A screen shot of this can be seen
in Fig.You can see in Fig that Webscarab has intercepted both the username “hacker” and password “passwd”. A HTTP proxy is able to see the password even though each character was replaced by an asterisk within the application. At this point you could accept the request or manipulate the parameters. You could try to login as someone at this point even though you initially typed in a different username and password. With a HTTP proxy you could manipulate any request / response not just the login process.
No comments:
Post a Comment