1
00:00:00,780 --> 00:00:01,440
Welcome back.

2
00:00:02,010 --> 00:00:09,150
Time to configure the tool called Burset and burps it is a tool that allows us to intercept and take

3
00:00:09,150 --> 00:00:12,720
a look at different HTTP requests and HTTP responses.

4
00:00:13,170 --> 00:00:19,290
It also allows us to change those HTP requests to our liking and then forward them to our target.

5
00:00:19,710 --> 00:00:21,630
It is also considered a proxy.

6
00:00:21,630 --> 00:00:28,950
So everything and every link that we visit to our Firefox from now on will go through Burset first and

7
00:00:28,950 --> 00:00:33,560
we will be able to inspect all of our HTP requests and responses.

8
00:00:34,320 --> 00:00:37,140
Let us see how we can configure it and get it to work.

9
00:00:37,620 --> 00:00:41,370
So we already got it inside of our Linux machine.

10
00:00:41,700 --> 00:00:47,260
If you go onto the menu and then Web application analysis, you will have it right here.

11
00:00:47,940 --> 00:00:51,600
The first thing that we want to do is double click it to start it up.

12
00:00:52,230 --> 00:00:57,510
This will start up the community edition and there is also professional additions that you must pay

13
00:00:57,510 --> 00:00:57,780
for.

14
00:00:57,960 --> 00:01:02,250
But for now, we're just going to cover the community edition inside of this course.

15
00:01:03,030 --> 00:01:04,220
It might give you this error.

16
00:01:04,230 --> 00:01:05,720
You just want to click on, OK?

17
00:01:06,120 --> 00:01:11,580
And in just a few seconds, we should have the main menu of should open up.

18
00:01:12,210 --> 00:01:18,650
And here it is, terms and conditions I want to click on except and here it tells us an update is available.

19
00:01:18,660 --> 00:01:22,020
I'm not really interested in the update at the moment here.

20
00:01:22,020 --> 00:01:23,940
I want to select the temporary project.

21
00:01:23,940 --> 00:01:26,310
Click on that and click on next.

22
00:01:26,880 --> 00:01:33,030
I want to select right here, use defaults and start Burset after a few seconds.

23
00:01:33,030 --> 00:01:35,580
It should open something like this.

24
00:01:36,030 --> 00:01:39,950
And we can see a lot of things are happening on our screen.

25
00:01:40,380 --> 00:01:46,200
If I enlarge it, you will see that we get a bunch of different options with this verb talk.

26
00:01:46,650 --> 00:01:49,440
But let's not think about them at the moment.

27
00:01:49,440 --> 00:01:56,040
For now, let us just think about how we can configure our Burchett's to be used by Firefox as a proxy.

28
00:01:56,700 --> 00:02:02,940
Well, the first thing that we want to do is navigate to the site to click on proxy right here.

29
00:02:03,210 --> 00:02:06,870
And under the proxy, we get these options step.

30
00:02:07,810 --> 00:02:14,230
Under the options, we will have these proxy listeners and proxy listeners, you want to select this

31
00:02:14,230 --> 00:02:16,780
right here and you want to click on EDIT.

32
00:02:17,290 --> 00:02:20,320
If you don't have anything right here, just click on ADD.

33
00:02:21,180 --> 00:02:28,470
Here we want to bind to Port 80 80 and we want to bind to address, loop back only once you get this

34
00:02:28,470 --> 00:02:35,730
set up, click on OK, and after you got this, what we want to do is want to navigate to our Firefox

35
00:02:35,730 --> 00:02:42,990
and on these three lines right here, we want to navigate to the preferences under the general tab in

36
00:02:42,990 --> 00:02:45,690
the preferences we want to navigate all the way down.

37
00:02:45,840 --> 00:02:50,550
And at the last option where we got network settings, we want to click on settings.

38
00:02:51,440 --> 00:02:57,590
Here, it will ask us to configure proxy access to the Internet and we want to set it here, manual

39
00:02:57,590 --> 00:02:59,030
proxy configuration.

40
00:03:00,130 --> 00:03:05,440
Under the HTP proxy, we want to set the IP address, and in our case, we are going to set the IP address

41
00:03:05,440 --> 00:03:09,160
of our local host, which is for everyone, this IP address right here.

42
00:03:09,520 --> 00:03:17,170
And the port should be 80, 80, and then we can set use this proxy for all protocols.

43
00:03:17,800 --> 00:03:20,560
Also, make sure that the Sox, the five is checked.

44
00:03:20,560 --> 00:03:23,820
And once you do all of that, you can click on, OK?

45
00:03:24,800 --> 00:03:29,990
Now that we did this, if I go and try to visit Google dot com.

46
00:03:32,350 --> 00:03:38,800
It will tell me software is preventing Firefox from safely connecting to this website, and you should

47
00:03:38,800 --> 00:03:40,030
get this error, too.

48
00:03:40,840 --> 00:03:41,890
Why does this happen?

49
00:03:42,340 --> 00:03:46,630
Well, our Firefox doesn't really trust our Burset tool.

50
00:03:47,320 --> 00:03:52,930
And currently all of the packets are going through this tool before we can see them on our screen.

51
00:03:53,110 --> 00:03:59,140
So we're getting a warning from the Firefox that some software is preventing from having a secure connection

52
00:03:59,140 --> 00:03:59,980
to that website.

53
00:04:00,750 --> 00:04:01,980
What can we do about this?

54
00:04:02,490 --> 00:04:09,540
Well, we can go to our Firefox and visit any HTP website that we want, it won't present a problem

55
00:04:09,750 --> 00:04:11,420
for HTP websites.

56
00:04:11,430 --> 00:04:14,640
It will only present a problem for its website.

57
00:04:15,150 --> 00:04:20,550
But we also want to visit HTP s websites such as Facebook, such as Google and all the others.

58
00:04:21,180 --> 00:04:30,270
To do that, we must type this link inside of our search bar, which is HTP to DOT and then berp press

59
00:04:30,270 --> 00:04:34,170
enter and you will open this page right here.

60
00:04:34,590 --> 00:04:35,430
It will tell us.

61
00:04:35,430 --> 00:04:41,640
Welcome to the community edition and here we will be able to download the certificate, which we can

62
00:04:41,640 --> 00:04:46,850
then import inside of our Firefox and make Firefox trust our Burset tool.

63
00:04:47,700 --> 00:04:52,570
So just click on cert, click on Save File and click on OK.

64
00:04:53,770 --> 00:04:58,790
Once you do that, the file will be inside of our downloads directory, as we can see it right here.

65
00:04:59,140 --> 00:05:06,790
This is its name and all we need to do is go back to the preferences inside of our Firefox, navigate

66
00:05:06,790 --> 00:05:08,650
to privacy and security.

67
00:05:08,980 --> 00:05:14,530
And all the way down, we will have our certificates part under the certificates part.

68
00:05:14,530 --> 00:05:19,690
We want to click on view certificates and we want to click on import a certificate.

69
00:05:20,690 --> 00:05:25,370
Then you want to navigate to the download directory, select the certificate, which it's downloaded,

70
00:05:25,370 --> 00:05:27,020
and then click on Open.

71
00:05:28,270 --> 00:05:35,950
We want to select trustees to identify websites and trust the CIA to identify email users, click on

72
00:05:35,950 --> 00:05:39,490
OK and also click on OK right here.

73
00:05:40,460 --> 00:05:49,610
If I go back and I refresh Google dot com, hmmm, it seems to still load, it doesn't really do anything.

74
00:05:50,490 --> 00:05:52,680
So why isn't it loading our page?

75
00:05:53,250 --> 00:05:54,580
Well, in the burbs.

76
00:05:54,730 --> 00:06:01,320
By default, you should see if you go back after trying to open Google once again, that this proxy

77
00:06:01,350 --> 00:06:05,200
will turn orange and this intercept will also turn orange.

78
00:06:05,790 --> 00:06:11,630
So if we go to proxy and then intercept, we will have an HTTP request.

79
00:06:12,210 --> 00:06:18,300
And this is a request that we just initiated to the host w w w Google dot com.

80
00:06:18,990 --> 00:06:25,470
We can see all of those fields that we talked about, such as hosts such as user agent under the user

81
00:06:25,470 --> 00:06:25,830
agent.

82
00:06:25,840 --> 00:06:28,890
We can see which type of web browser are we using.

83
00:06:29,700 --> 00:06:34,890
We can also see the cookie right here and the reason why we are not loading the page and it is still

84
00:06:34,890 --> 00:06:38,600
loading right here is because the intercept is turned on.

85
00:06:38,820 --> 00:06:45,120
This means it will intercept this packet before it actually forwarded to the webpage.

86
00:06:45,960 --> 00:06:53,370
We can forward it manually by pressing this or we can just turn the intercept off and then it will not

87
00:06:53,370 --> 00:06:54,860
intercept any packets.

88
00:06:55,050 --> 00:06:59,520
So if I go back to Google right now, you can see we successfully loaded Google.

89
00:07:00,780 --> 00:07:06,480
If we want, we can go right here under the target and we can see all the links that we visited while

90
00:07:06,480 --> 00:07:07,800
the purpose it was running.

91
00:07:07,980 --> 00:07:13,580
So we can see Google right here and we can see all of the requests and response that we got for the

92
00:07:13,590 --> 00:07:13,960
Google.

93
00:07:14,400 --> 00:07:18,720
So here is the request for the Google dot com that we just did.

94
00:07:18,990 --> 00:07:24,780
And here is the response from the Google that says states code two hundred, OK, which means we successfully

95
00:07:24,780 --> 00:07:27,330
loaded the page, which we indeed loaded.

96
00:07:27,570 --> 00:07:30,450
And here is the code of that page.

97
00:07:31,520 --> 00:07:36,440
Cool, right now we can intercept any packets to any website.

98
00:07:37,350 --> 00:07:43,770
Great, now that we covered Configuration Burset in the next video, we can go and perform our first

99
00:07:43,770 --> 00:07:49,330
attack and in the future videos, we're also going to cover more details about this purpose, too.

100
00:07:49,470 --> 00:07:55,110
But for now, we just managed to configure it and we're ready to, in the next video, perform our first

101
00:07:55,110 --> 00:07:55,660
attack.

102
00:07:56,310 --> 00:07:56,880
See you there.