One of the main things needed for CTFs are using Burpsuite to intercept traffic. This guide will help users understand basics of Burpsuite.
Defining Target Scope in Burpsuite.
Here we have defined what should be included in our scope and excluded from our scope. The entry in the include section was defined by us and the exclude section was left with default values.
Go to Target tab > Scope > Enter target details.
Setting up the proxy settings.
Next we set up the proxy settings in our web browser such that Burpsuite can listen to requests and responses that are made. We will leave the proxy listening options as it is in Burpsuite and configure the proxy settings in our browser as follows to match the settings in burpsuite.
Now that our proxy has been set to the local address with port 8080 as it is defined in the proxy listening options in Burpsuite, we should be able to view request and response details in Burpsuite.
Confirm whether the proxy configurations are correct.
In order to verify that our changes were made correctly and that we can listen to the responses and requests through Burpsuite we should hover over to the Intercept tab under the Proxy tab in Burpsuite. Then we should be able to see that Intercept is on by default and we have the option to either forward or drop a request. Note that until you forward or drop requests, the user who is using the browser will not be able to view the content in the browser.
Viewing Site map through the target tab.
Now we should be able to view the initial site tree of the homepage through the site map of the Site Map tab under the Target tab. We can also view the details regarding requests and responses by clicking on an entry on the table on the upper right and selecting either Request/ Response below the table. The request or response can be viewed as Raw/ Parameters/ Headers or Hex values by the tabs under Request/Response.
Once done with configuring the options for Spidering, we need to move on to the control tab and start the Spidering. When you click on the button that says that Spider is not running, it will change to Spider is running and it will start to spider the target website.
There are 2 things to note here:
- Spidering requires a large memory to continue its designated process. Recommendation is at least 4GB of RAM.
- You can define a custom target other than the specified scope in the target tab, by selecting custom scope.
Exploring site map through the target tab.
Once we have finished Spidering the website, we can head to the Target tab to view our site map. Now we should have more pages than we had in the initial stage.
Finally, we can go through the pages and find what we were looking for.