The Hacking Web Applications module provides you with the instructions and devices to develop your hands-on skills in the following topics:
- Working with Burp Suite and Firefox
- Performing cross-site scripting (XSS) attacks
- Cracking passwords for web applications and websites
Lab time: It will take approximately 60 minutes to complete this lab.
The following objective is covered in this lab:
- Hacking web applications
Exercise 1 - Working with Burp Suite and Firefox
Burp Suite is a Java based graphical application used to perform security testing of web applications. It acts as a web proxy server facilitating interception of web traffic between the web browsers and web servers. You need to configure Burp Suite on the device if it has to intercept the web traffic.
In this exercise, you will work with the web browser Mozilla Firefox and capture the requests from Firefox in Burp Suite. Accordingly, you will perform the following tasks:
- Enable HTTP web service on PLABSA01
- Configure Burp Suite on PLABWIN10
- Configure Firefox to use Burp Suite proxy listeners
Exercise 2 - Performing Cross-site Scripting (XSS) Attacks
- Reflected XSS
- Stored XSS
Reflected XSS attack is also known as the non-persistent XSS attack. In this type of attack, the attacker sends the malicious code as a link in an email or posts it on the website. The victim clicks the link. The malicious script embedded within the link gets executed and is reflected back on the victim’s web browser. The browser then sends the cookie information of the victim’s session to the attacker. Thus, reflected XSS attack occurs only if the victim clicks the malicious links. Malicious links are generally found in unknown emails and comments section of less secure websites.
Stored XSS attack is also known as the persistent XSS attack. In this type of attack, the attacker injects the malicious script directly into a vulnerable web application. The malicious script steals the cookie information of the victim’s sessions and sends it to the attacker. Therefore, in stored XSS attack, the damage is more as the malicious script executes on every visit to the web application.
In this exercise, you will learn how reflected and stored XSS attacks work.
Exercise 3 - Cracking Passwords for Web Applications and Websites
Attackers can attack web applications and websites in different ways. If the login controls are not secure enough, attackers can crack the passwords and login to the application. There are many sophisticated password crackers available. Some of them are John the Ripper, THC Hydra, OCL HashCat, and so on.
In this exercise, you will use the Brutus tool to crack the password for the DVWA web application.