Burp Suite Manually Send A Request



Room

  • Name: Introductory Researching
  • Profile: tryhackme.com
  • Difficulty: Easy
  • Description: A brief introduction to research skills for pentesting.

Disclaimer: the answers are either general culture, searching the keyword in the question or looking for an option in the man page. It's very easy and obvious; the room description already gives it all, so the write-up doesn't need details.

Burp Suite is a suite of web application testing tools that help you intercept, modify and automate your interactions with a web application. If you do CTFs, this will make your life a lot easier. Burp Suite for Beginners Part 1: Setup and Target/Proxy Tools. Manual activation: after this process, you will see a screen where you click on manual activation so that you can manually activate Burp Suite. After this, copy the given code by clicking the copy request button.

Example Research Question

In the Burp Suite Program that ships with Kali Linux, what mode would you use to manually send a request (often repeating a captured request numerous times)?

Answer: repeater

What hash format are modern Windows login passwords stored in?

Answer: NTLM

What are automated tasks called in Linux?

Answer: cron jobs

What number base could you use as a shorthand for base 2 (binary)?

Answer: base 16

If a password hash starts with $6$, what format is it (Unix variant)?

Answer: sha512crypt


Vulnerability Searching

What is the CVE for the 2020 Cross-Site Scripting (XSS) vulnerability found in WPForms?

Answer: CVE-2020-10385

There was a Local Privilege Escalation vulnerability found in the Debian version of Apache Tomcat, back in 2016. What's the CVE for this vulnerability?

Answer: CVE-2016-1240

What is the very first CVE found in the VLC media player?

Answer: CVE-2007-0017

If I wanted to exploit a 2020 buffer overflow in the sudo program, which CVE would I use?

Answer: CVE-2019-18634

Manual Pages

SCP is a tool used to copy files from one computer to another. What switch would you use to copy an entire directory?

Answer: -r

fdisk is a command used to view and alter the partitioning scheme used on your hard drive. What switch would you use to list the current partitions?

Answer: -l

nano is an easy-to-use text editor for Linux. There are arguably better editors (Vim, being the obvious choice); however, nano is a great one to start with. What switch would you use to make a backup when opening a file with nano?

Answer: -B

Netcat is a basic tool used to manually send and receive network requests. What command would you use to start netcat in listen mode, using port 12345?

Answer: nc -l -p 12345




