Professional Documents
Culture Documents
Lab 11
Lab 11
3.Get IP Address
o Instructions:
1. ifconfig —a
°o Notes:
= As indicated below, my IP address is 192.168.1.106.
= Please record your IP address.
Preferences
Instructions:
Edit --> Preferences
Preferences
Instructions:
Click on Manual proxy configurations
Type "127.0.0.1" in the HTTP Proxy Text Box
Type "8080" in the Port Text Box
Check Use the proxy server for all protocols
Click OK
Click Close
Turn on intercept
Instructions:
Click on the proxy tab
Click on the intercept tab
Verify the intercept button shows "intercept is on"
Section 9: Intercept with Burp Suite
Browse to DVWA's homepage
Instructions:
http://IPADDRESS/dvwa/
Replace IPADDRESS with the Fedora's IP Address obtain in (Section 3, Step 3).
Notice that the DVWA homepage will not be displayed, but instead you will get a Connecting
message.
Continue to Next Step.
Forward Request
Instructions:
Click on the Forward Button 3 times.
View History
Instructions:
Click on the proxy tab
Click on the history tab
Click on /dvwa/login.php
Click on the request tab
Click on the raw tab
Notice that a PHP cookie session is now established, even without logging to the application.
Login to DVWA
Instructions:
Username: admin
Password: password
Click Login
Notice that the DVWA Navigation Menu will not be displayed, but instead you will get a Connecting
message.
Continue to Next Step
Forward Request
Instructions:
Click on the Forward Button 3 times.
Start Up Notepad
Instructions:
Applications --> Wine --> Programs --> Accessories --> Notepad
Paste URL into Notepad
Instructions:
Edit --> Paste
Issue Attack
Instructions:
Edit --> Paste
Press <Enter> after you verify the curl statement was correctly pasted.
Without supply any username and password information, notice you see the Welcome title displayed
after logging into DVWA.
Start FireFox
Instructions:
Start --> All Programs --> Mozilla Firefox
Go to Add-ons
Instructions:
Tools --> Add-ons
Install Cookies Manager+ 1.5.1
Instructions:
Search for cookies
Click the Install button next to Cookies Manager+ 1.5.1