
Penetration Testing: Username and Password Brute Forcing with Burp

Burp, short for Burp Suite, is an integrated platform for attacking web applications. It contains a number of tools that can capture packets, brute-force credentials, or scan for vulnerabilities.

The main components are listed below:

Proxy - a proxy server that intercepts HTTP/S and acts as an intermediary between the browser and the target application, allowing you to intercept, view, and modify the raw data stream in both directions.
Spider - a web crawler that uses intelligent sensing to fully enumerate an application's content and functionality.
Scanner [Pro version only] - an advanced tool that, when run, automatically finds security holes in web applications.
Intruder - a customizable, highly configurable tool that performs automated attacks on web applications, such as enumerating identifiers, collecting useful data, and probing for common vulnerabilities using fuzzing techniques.
Repeater - a tool for manually modifying and resending individual HTTP requests and analyzing the application's responses.
Sequencer - a tool for analyzing the randomness of application session tokens and other important data items that are meant to be unpredictable.
Decoder - a tool for manual or intelligent decoding and encoding of application data.
Comparer - a utility usually used to get a visual "diff" between two pieces of data, such as related requests and responses.
 
Among them, Intruder can be used for password brute forcing. Password brute forcing is a common method in penetration testing: simple and crude, but effective. The following describes the basic use of Burp for brute forcing.

1: Open a website's login page and stay on it.
 

2: Turn on the browser proxy.

3: Configure the Burp proxy IP, making sure it matches the proxy IP set in the browser.

4: With both proxies on, we can now capture packets on the login page. Fill in a login name and password, click login, and observe the HTTP request intercepted by Burp.

On the intercepted request page, right-click and choose Send to Intruder.

Now click the Intruder button, then click Positions, and look at the page. The places marked with $$$ have become variables.

Now clear all the variables on the page and set variables only where we need them.

 

Take note of the attack type. Here we only make the username a variable.

After the parameters have been made variables, click Payloads on the page, scroll down and select runtime file or per list, then click Load to load the weak password dictionary.

 

Load the weak password dictionary. A weak password dictionary is a collection of many simple character strings, as follows:

Loading a weak password file

 

Click Start attack under Intruder to start the brute force, and observe the results.

We sorted the attack results by length and found the two most unusual entries.

Trying these two sets of characters on the login page confirmed that we could log in successfully.

 

 

A reminder: if the dictionary contains a large number of weak passwords, the attack will take a long time, so be patient.
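Seen from the server side, the Intruder run described above appears in the login log as a rapid series of failed logins from one source address, possibly ending in a success. The following Python example is added here and is not part of the original post; the log format, the 60-second window and the threshold of 5 failures are assumptions, and the log lines are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample application login log (assumed format):
# timestamp  source-IP  submitted-username  result
SAMPLE_LOG = """\
2024-05-01T10:00:00 203.0.113.7 admin FAIL
2024-05-01T10:00:01 203.0.113.7 root FAIL
2024-05-01T10:00:02 203.0.113.7 guest FAIL
2024-05-01T10:00:02 198.51.100.20 alice FAIL
2024-05-01T10:00:03 203.0.113.7 user FAIL
2024-05-01T10:00:04 203.0.113.7 oracle FAIL
2024-05-01T10:00:05 203.0.113.7 test OK
2024-05-01T10:00:09 198.51.100.20 alice OK
"""

WINDOW = timedelta(seconds=60)  # assumed sliding window
MAX_FAILS = 5                   # assumed failures per IP inside the window

def detect_bruteforce(log_text, window=WINDOW, max_fails=MAX_FAILS):
    """Return (flagged_ips, compromised): IPs that reached max_fails failed
    logins within the window, and (ip, username) pairs that logged in
    successfully from an IP that was already flagged."""
    recent = defaultdict(deque)  # ip -> timestamps of failures in the window
    flagged, compromised = set(), []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines
        ts_raw, ip, user, result = parts
        ts = datetime.fromisoformat(ts_raw)
        fails = recent[ip]
        while fails and ts - fails[0] > window:
            fails.popleft()  # drop failures that fell out of the window
        if result == "FAIL":
            fails.append(ts)
            if len(fails) >= max_fails:
                flagged.add(ip)
        elif result == "OK" and ip in flagged:
            compromised.append((ip, user))  # account to lock and reset
    return flagged, compromised

if __name__ == "__main__":
    ips, accounts = detect_bruteforce(SAMPLE_LOG)
    print("flagged sources:", sorted(ips))
    print("successful logins after a burst:", accounts)
```

A user who mistypes a password once and then logs in, like the second address in the sample, stays below the threshold and is not flagged.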

--Shrimp521