
Friday, 12 July 2013

Data Manipulation - Intercepting HTTP Traffic using Burp Suite Proxy

"Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application's attack surface, through to finding and exploiting security vulnerabilities." - http://www.portswigger.net/burp/


Open Burp Suite in BackTrack.


Click on the Proxy tab. By default, the proxy listener is set to port 8080.


Next, go to your browser and set your proxy settings to 127.0.0.1:8080.


In this example, we are going to use a weakly configured test website to demonstrate what Burp Suite Proxy can do.
On your browser, go to www.bayden.com/sandbox/shop/ and press Enter. You will notice that the website is trying to load...


Now, on Burp Suite, you will see that the request has been intercepted and is being held by the proxy; you can inspect its data before it reaches the server. Click Forward to allow the traffic to go through.


On your browser, you will notice that the website has now loaded properly. Check out the price for the laptop... it costs $1095.
Let's try to change that, shall we? Let's order 3 sets of it and click on Check Out.



On the Burp Suite Proxy, you will notice the intercepted HTTP request, and what we can see here is the price of the laptop, sent by the browser as a form parameter.


In the Params tab, you can see the cost of the laptop in a clearer format.


Let's change the price to 65.00. Once changed, click Forward.


And now you will notice that you have successfully purchased 3 laptops for only $195.


------------------------------------------------------------------------------------------------------

Note: The site http://www.bayden.com/sandbox/shop/ is a site for testing, made available for those who want to perform a POC (proof of concept) of this security issue.



Check out my previous blog post on how to perform the same thing in the Firefox and IE browsers here: http://securityg33k.blogspot.sg/2013/07/5000-to-50-tamperingmanipulating-data.html

Wednesday, 3 July 2013

$5000 to $50 - Tampering/Manipulating Data on Poorly Designed Website

While I was checking out tools to perform assessments on web applications, I stumbled upon two add-ons that can be used to manipulate and change data sent in the HTTP request. So I decided to test them out and blog about it.


Let's try to purchase a laptop costing thousands of dollars on this site:
http://www.bayden.com/sandbox/shop/


When you click Checkout, the price is $1095.00.


-------------------------------------------------------------------------------------------------------

For Internet Explorer 

"TamperIE Web Security Tool is a small utility that enables HTML-form tampering for penetration testing of web applications. TamperIE is an Internet Explorer Browser Helper Object which allows tampering with HTTP requests from Internet Explorer 5 and above. TamperIE is a useful tool for security testing your web applications, in order to ensure you don't make foolish assumptions about the data sent by client browsers. Since the tool exposes and allows tampering with otherwise inconvenient input, many user-input security flaws immediately become apparent. SSL? TamperIE works inside IE itself, before data is placed on the wire; this means that it works fine even against SSL secured sites." - http://tamperie-web-security-tool.findmysoft.com/

Download the add-on called TamperIE from:
http://www.softpedia.com/get/Tweak/Browser-Tweak/TamperIE-Web-Security-Tool.shtml
 

Open the Control Panel and click the first option.


Browse back to the website and click Check Out.


TamperIE will pop up and show you the values and data it is going to send. Notice that the value here is 1065.00. Let's change that, shall we?


In this example, we will choose 50.00. Then click on 'Send altered data'.


When you check out, the price will change to $50 instead of the original $1065.00!!


-------------------------------------------------------------------------------------------------

For Firefox

"About this Add-on: Use tamperdata to view and modify HTTP/HTTPS headers and post parameters. Trace and time http response/requests. Security test web applications by modifying POST parameters." - https://addons.mozilla.org/en-us/firefox/addon/tamper-data/


There is a tool called Tamper Data you can download from:
https://addons.mozilla.org/en-us/firefox/addon/tamper-data/eula/79565?src=dp-btn-primary


Once installed, go to Tools and click on Tamper Data.


Click Start Tamper. This will monitor all incoming and outgoing requests.


Now go back to the shopping website and click Check Out. A pop-up will appear asking whether you want to tamper with the data or not. Click Tamper.


Change the original value to 50.00 and click OK.


There you go... your laptop is now $50!!
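The Burp Suite, TamperIE and Tamper Data walkthroughs above all exploit the same server-side flaw: the checkout handler reads the price from the form the browser submits instead of from its own catalog. The following is an added example (not code from this blog or from the bayden.com sandbox) that contrasts a checkout routine with that flaw against a hardened one that recomputes the total from a server-side catalog, validates the quantity, and flags a client-supplied price that disagrees with the catalog as a tampering indicator worth logging. The product id, catalog price and request body are constructed for the example.

```python
from decimal import Decimal, InvalidOperation
from urllib.parse import parse_qs

# Constructed server-side catalog: the only trustworthy source of prices.
CATALOG = {"laptop": Decimal("1095.00")}


def vulnerable_total(body: str) -> Decimal:
    """Trusts the 'price' field the browser sent: the flaw the
    proxy and add-on walkthroughs above take advantage of."""
    params = parse_qs(body)
    price = Decimal(params["price"][0])
    qty = int(params["qty"][0])
    return price * qty


def hardened_total(body: str) -> Decimal:
    """Ignores any client-supplied price and recomputes the total
    from the catalog, after validating product id and quantity."""
    params = parse_qs(body)
    product = params.get("product", [""])[0]
    if product not in CATALOG:
        raise ValueError("unknown product")
    try:
        qty = int(params.get("qty", [""])[0])
    except ValueError:
        raise ValueError("quantity is not an integer")
    if not 1 <= qty <= 100:
        raise ValueError("quantity out of range")
    # The 'price' field, if present, is simply never consulted.
    return CATALOG[product] * qty


def price_tampered(body: str) -> bool:
    """Detection hook: True when the request carries a price that does
    not match the catalog, which a log pipeline can alert on."""
    params = parse_qs(body)
    product = params.get("product", [""])[0]
    if product not in CATALOG or "price" not in params:
        return False
    try:
        submitted = Decimal(params["price"][0])
    except InvalidOperation:
        return True
    return submitted != CATALOG[product]


# Constructed request body, as a tampering proxy would rewrite it.
TAMPERED = "product=laptop&qty=3&price=65.00"
```

With the tampered body the vulnerable routine charges $195.00 while the hardened routine still charges $3285.00 and the detection hook reports the mismatch.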




Note: The site http://www.bayden.com/sandbox/shop/ is a site for testing, made available for those who want to perform a POC (proof of concept) of this security issue.