
Lab 1 Observing HTTP Traffic Using BurpSuite-maryam Rashed

Uploaded by

maaryamrh

CSF4103 Web Applications Security

Lab 1: Observing the HTTP traffic between a browser and a Web Server Using Burp Suite
Objectives:
You will observe HTTP traffic between a web browser and a web server using Burp Suite.
You will detect the different HTTP methods by exploring the request header. You will
detect the different HTTP response codes by exploring the response header.
Tasks:
1. Run Burp Suite
2. If asked for update, close (don’t update)
3. Select temporary project, then Next
4. Use default then Start Burp

5. Select Proxy from the first row of buttons, and Options from the second row
6. Check the IP address (127.0.0.1) and the port 8080.

We decided to use port 8080 to configure our proxy


7. Start the Google Chrome web browser and go to Settings, search for proxy and open
“Open your computer’s proxy settings”
As we see, we configure the proxy setting of the browser to 127.0.0.1, port number
8080

8. Turn on Manual Proxy and use the IP address and the port above, then save.
9. Click OK and then enter the following address in the Chrome address
bar: http://altoromutual.com

10. Go to Burp Suite and select Proxy, Intercept

11. Keep pressing the Forward button until it is dimmed.

12. Press Sign In, switch to Burp Suite and press Forward until the Forward button is dimmed
13. Switch back to the Chrome browser, enter the username & password (jsmith / demo1234)
14. In Burp Suite, examine the web session traffic by selecting Proxy/HTTP History
(Notice requests with GET / POST methods)

15. From the details window below, check the Request tab and the Response tab

16. Navigate to check and explore the parameters used in requests


17. Search for this request with the POST method and fill in the next table

Parameter Type    Parameter Name    Parameter Value
Cookie            JSESSIONID        2EB8236E7CFC9A8608E1C16E6D788FB9
Cookie            AltoroAccounts    LTEuOTk5NTQzNDA3MDM5MTU0OTRFMTh8ODAwMDAzfkNoZWNraW5nfjUuOTIyMzM3MjAzOTU3ODRFMjB8NDUzOTA4MjAzOTM5NjI4OH5DcmVkaXQgQ2FyZH4tMS45OTk1NDM0MDEyNzg3MTE1NUUxOHw
Body              uid               jsmith
Body              passw             demo1234

18. Search for this request

19. What HTTP method was used in this request?
HTTP Request Method: post

20. What was the response code?
HTTP Response Code: gzip, deflate

21. What is the server type? application/x-www-form-urlencoded

22. Repeat the process but using the HTTPS protocol now. Go to Chrome and enter
https://altoromutual.com in the address bar

The website can be accessed without any problem

23. Check web traffic in Burp Suite for HTTPS requests
There is no information shown for the website when we use the HTTPS server

24. What is the difference between HTTP and HTTPS?

HTTP is hypertext control protocol
HTTPS is hypertext secure protocol

HTTP Port & Traffic: HTTP port is port 80
HTTPS Port & Traffic: HTTPS port is 443

25. Click the Sign In link again and login as jsmith/demo1234

26. From the intercept window, try changing the password (use different passwords).
We try to change the password using intercept

27. Then press forward until the button is dimmed


28. Check Chrome. What do you notice? The password is incorrect
29.

30. Did the browser react based on changing the password in the intercept window? Yes, it says the
password is wrong

31. What is wrong with the “Login Failed” message? Write your comments. The web browser did not
accept the password because it was wrong
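
The parameter table in step 17 can be derived directly from the raw request text that the proxy captures. The following is an added example, not part of the original lab: it parses a login POST rebuilt from the table's values into (type, name, value) rows. The request path and the AltoroAccounts value are constructed placeholders, and parse_request is a name chosen for this example.

```python
from urllib.parse import parse_qsl

# Constructed sample: the login POST from step 17, rebuilt from the table.
# The path "/login" and the AltoroAccounts value are placeholders.
RAW_REQUEST = (
    "POST /login HTTP/1.1\r\n"
    "Host: altoromutual.com\r\n"
    "Content-Type: application/x-www-form-urlencoded\r\n"
    "Cookie: JSESSIONID=2EB8236E7CFC9A8608E1C16E6D788FB9; "
    "AltoroAccounts=Y29uc3RydWN0ZWQ\r\n"
    "\r\n"
    "uid=jsmith&passw=demo1234"
)


def parse_request(raw):
    """Split a raw HTTP/1.1 request into method, headers and parameter rows."""
    # The first blank line separates the header block from the body.
    head, _, body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    method, target, _version = lines[0].split(" ", 2)

    # Header names are case-insensitive, so store them lower-cased.
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()

    rows = []
    # Query-string parameters, if any, are URL-type rows.
    _, _, query = target.partition("?")
    rows += [("URL", k, v) for k, v in parse_qsl(query, keep_blank_values=True)]
    # Each "name=value" pair in the Cookie header is one Cookie row.
    for pair in headers.get("cookie", "").split(";"):
        if "=" in pair:
            k, _, v = pair.strip().partition("=")
            rows.append(("Cookie", k, v))
    # Form fields are decoded only when the body is URL-encoded.
    ctype = headers.get("content-type", "")
    if ctype.startswith("application/x-www-form-urlencoded"):
        rows += [("Body", k, v) for k, v in parse_qsl(body, keep_blank_values=True)]
    return method, headers, rows


if __name__ == "__main__":
    method, _, rows = parse_request(RAW_REQUEST)
    print(method)
    for row in rows:
        print("%-8s %-16s %s" % row)
```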
