Scribd
Upload
218 views16 pages

CROSS

The document outlines a step-by-step guide for setting up a proxy server and using Burp Suite Community Edition to perform a simulated attack on a demo website. It details the process of intercepting requests, configuring payloads, and executing an attack to demonstrate vulnerabilities. The final result shows successful access to the demo website after entering the correct credentials.

Uploaded by

punithasagunthala
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
218 views16 pages

CROSS

The document outlines a step-by-step guide for setting up a proxy server and using Burp Suite Community Edition to perform a simulated attack on a demo website. It details the process of intercepting requests, configuring payloads, and executing an attack to demonstrate vulnerabilities. The final result shows successful access to the demo website after entering the correct credentials.

Uploaded by

punithasagunthala
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 16

Step 1: Open Settings and Go to the Network & internet

Step 2: Click Proxy Server Setup


Step 3: Proxy enabled with IP 127.0.0.1 and port 8080.

Step 4: Open the Burp Suit Community edition and Click Next
Step 5: Click Start Burp

Step 6: Click Proxy


Step 7: Open the demo Hacking website http://demo.testfire.net/
Step 8: Turn on the Intercept on

Step 9: Again go to the Demo Website and Search the Deposit, Click go
Step 10: Come to the Brupsuit, Click on the Right side and press the Send to Intruder

Step 11: Go to the Intruder


Step 12: Go to the Proxy and Turn off the Intercept

Step 13: Select the “deposit” and Click Add.


Step 14: Copy the line code

Step 15: Paste the code in the Payload configuration


Step 16: Select the Sniper Attack and Click Start Attack

Step 17: Click Ok


Step 18: They show this page

Step 19: Click on Request 1 and click "Show in browser" on the right side.
Step 20: Click Copy

Step 21: Paste the link in the New tab, They Show This site is Hacked
Step 22: The file explorer shows the search for "cmd" in the "WAS_Exp_4_resources" folder.

Step 23: The Python script server.py is running and listening on port 8080.
Step 24: Go to the Notepad and Copy this program

Step 25: Go to the Demo Website and Paste the program in search tab
Step 26: They show this page and Type Username and Password

Step 27: The username and password shown in the command prompt.
Step 28: Go to the Demo website, Click Sign in

Step 29: Put the Username and Password as “admin”


Step 30: Finally The Demo Website is successfully Attacked.

Result:

You might also like