Burp Suite installation and use

The tool requires a Java environment to run; please install it yourself, I won't go into details here. After decompression is complete, right-click burp-loader-keygen.jar and open the keygen with Java(TM) Platform SE binary.

1. Tool acquisition address: https://mp.weixin.qq.com/s

2. Modify the License Text to any value

3. Click run to start burpsuite

4. If the above method fails to start burpsuite, open cmd, enter the directory where burp-loader-keygen.jar is located, and execute the command: java -Xbootclasspath/p:burp-loader-keygen.jar -jar burpsuite_pro_v1.7.37.jar

5. Open burpsuite successfully

6. Copy and paste the License in Keygen to burpsuite

Click Next


7. Then click Manual activation

8. Click Copy request

9. Click Copy request. After the copy is complete, paste the string into the Activation Request box of keygen, and then there will be a result in the Activation Response box, as follows

10. After copying, paste the string into the remaining box of BurpSuite, as shown in the figure, and click Next to display that the activation is successful

11. Click Next again to display that the activation is successful

Then click Next

Then click Start Burp

12. The main interface of burpsuite

13. After activation, you cannot start by double-clicking the BurpSuite main program. Otherwise, you still need to enter the key after starting. The two files must be placed in the same directory. There are two ways to start:

Start with the run button on keygen

Execute java -Xbootclasspath/p:burp-loader-keygen.jar -jar burpsuite_pro_v1.7.31.jar in the file directory to start. For convenience, you can save the command as a bat

Summary of how to use Burpsuite's magical common functions

Introduction to Burpsuite:

An integrated platform for attack testing of web applications. (To capture HTTPS traffic, import the Burp certificate into the browser.)

1. Learn Proxy

First look at the part marked in red: "intercept is on" is the interception state, and the corresponding "intercept is off" is the non-interception state. After setting the proxy and turning on the interception state, requests initiated by the browser will be intercepted by burpsuite.

forward: When a request has been intercepted, click forward to let it continue; if you click drop, the request data is discarded. After the request continues, you can see the returned result.

You can view all the content of this request in the message analysis tab

1) Raw: This view mainly displays the raw format of the web request, including the request address, HTTP protocol version, Host header, browser information, acceptable content types, character set, encoding method, cookies, etc. These contents can be modified manually before you click forward, which is how requests are altered during penetration testing.

2) params: This view mainly displays the parameter information sent by the client: GET or POST parameters and cookie parameters. These can also be modified.

3) headers: This view shows the header information. It is essentially the same content as Raw, displayed more intuitively.

4) Hex: This view displays the binary content of Raw.

Note: By default, Burp Proxy only intercepts request messages. Ordinary files such as css, js, and pictures will not be intercepted. Of course, you can set it to intercept anything you want. Now we know how to install the tool, how to set up a proxy, how to intercept requests, and how to modify the content of a request before it reaches the server. Next we will learn how to control these interceptions.

The picture above shows http history. All intercepted traffic is recorded there.

The interception function of Burp Proxy is mainly composed of Forward, Drop, Interception is on/off, and Action in the Intercept tab. Their functions are:

Forward: After you have viewed or re-edited the message, click this button to send the message to the server.

Drop: Discards the currently intercepted message so that it is no longer forwarded to the server.

Interception is on/off: Interception is on means that the interception function is turned on, and all request data passing through Burp Proxy is intercepted. Interception is off means that the interception function is turned off, and request data passing through Burp Proxy is no longer intercepted.

Action: Besides passing the current request message to the Spider, Scanner, Repeater, Intruder, Sequencer, Decoder, and Comparer components, it can also modify the request message, such as changing the GET or POST request method or changing the encoding of the request body. You can also change the interception settings for request messages, such as no longer intercepting messages from this host, from this IP address, of this file type, or from this directory, and you can specify that the server's response to this message should be intercepted.

2. Use of burpsuite (capturing packets, intercepting packets, changing packets)

The Firefox browser is recommended for use with burp.

1) Set up the browser

Tools - Options - Network Settings - Settings, change the connection settings to manual proxy configuration

Enter 127.0.0.1:8080 in the address bar and press Enter to open the burp certificate download page

Click the link in the upper right corner to download the certificate

Search for "certificate" in the Firefox options and click [View Certificate]

Click [Import] to import the burp certificate you just downloaded, so that you can use burp to capture https requests

At this time, the Firefox browser on the computer is also set to proxy mode. After the proxy setting is successful, the webpage cannot be accessed because we have not forwarded the request. Next, we need to configure burp to forward the browser's request.

2) Configure the burp listening port

Then open burp

The listening port is set to be the same as the proxy port

3) Capture packets

Set burp to Intercept is on, enter baike.baidu.com in the Firefox browser

Set Intercept is on to Intercept is off

4) Intercept packets

At this time, you need to turn on the interception function.

When capturing packets before, you could see that a Baidu search sends many requests at a time. Now burp stops on the first request. If you keep clicking forward, it sends the next request each time. If you keep clicking drop, the requested packets are dropped one by one.

5) Modify packets

For example, on the fruit site http://www.guo68.com/, search for a fruit: pingguo (when searching in Chinese, the captured packet looks garbled, which makes it hard to observe)

Keep clicking forward and check the params tab until pingguo appears in the parameter content

At this time, change pingguo to putao, then continue to click forward or turn off the interception function.

The site then searches for putao.
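To make the Raw, params and Hex views and the pingguo-to-putao edit concrete, the following added example (not code from the original post) parses one raw request the way those tabs present it and rebuilds it after a parameter change. The request, host, cookie and parameter names are constructed placeholders, and it assumes the "garbled" Chinese is UTF-8 percent-encoding.

```python
from urllib.parse import parse_qsl, urlencode, urlsplit

# Constructed sample request (not captured traffic); host and names are placeholders.
RAW = (
    b"POST /search?cat=%E8%8B%B9%E6%9E%9C HTTP/1.1\r\n"
    b"Host: shop.example\r\n"
    b"Cookie: sid=abc123; lang=en\r\n"
    b"Content-Type: application/x-www-form-urlencoded\r\n"
    b"Content-Length: 15\r\n"
    b"\r\n"
    b"keyword=pingguo"
)

def parse_raw(raw):
    """Raw view: split into request-line fields, ordered headers and body."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("iso-8859-1").split("\r\n")
    method, target, version = lines[0].split(" ", 2)
    headers = [tuple(h.split(": ", 1)) for h in lines[1:]]
    return method, target, version, headers, body

def params_view(raw):
    """Params view: (type, name, value) rows from the URL, cookies and form body."""
    _, target, _, headers, body = parse_raw(raw)
    # parse_qsl undoes percent-encoding, so %E8%8B%B9... becomes readable text
    query = urlsplit(target).query
    rows = [("URL", k, v) for k, v in parse_qsl(query, keep_blank_values=True)]
    for name, value in headers:
        if name.lower() == "cookie":
            rows += [("Cookie",) + c.strip().partition("=")[::2] for c in value.split(";")]
    rows += [("Body", k, v) for k, v in parse_qsl(body.decode(), keep_blank_values=True)]
    return rows

def hex_view(raw, width=16):
    """Hex view: the same bytes as Raw, 16 per row."""
    return [raw[i:i + width].hex(" ") for i in range(0, len(raw), width)]

def set_body_param(raw, name, new_value):
    """Change one form parameter and recompute Content-Length so the request stays well-formed."""
    method, target, version, headers, body = parse_raw(raw)
    pairs = [(k, new_value if k == name else v)
             for k, v in parse_qsl(body.decode(), keep_blank_values=True)]
    new_body = urlencode(pairs).encode()
    headers = [(k, str(len(new_body)) if k.lower() == "content-length" else v)
               for k, v in headers]
    head = "\r\n".join([f"{method} {target} {version}"] + [f"{k}: {v}" for k, v in headers])
    return head.encode("iso-8859-1") + b"\r\n\r\n" + new_body

if __name__ == "__main__":
    print(params_view(RAW))
    print(set_body_param(RAW, "keyword", "putao").decode("iso-8859-1"))
```

Every row that `params_view` returns comes from the client and can be changed before the server sees it, so the server has to validate each of them itself.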

Origin blog.csdn.net/zxcvbnmasdflzl/article/details/130527420