TryHackMe: Burp Suite — Summary (Part 2)

Abel Lim
4 min read · Jun 20, 2023


From TryHackMe — Burp Suite room

~~Part of TryHackMe Jr Penetration Tester Learning Path~~
Follow to join me in this journey!
Why TryHackMe?
Part 1: TryHackMe: Burp Suite — Summary (Part 1)
More about me.

Introduction

There are 7 functions discussed in this Burp Suite room:
1) Proxy
2) Repeater
3) Intruder
4) Decoder
5) Comparer
6) Sequencer
7) Extender

Proxy, Repeater and Intruder were summarized in Part 1.
The remaining 4 functions will be summarized here in Part 2.

Burp Suite: Decoder

From TryHackMe — Burp Suite room

Decoder allows us to:

  • Decode information that we captured during an attack.
  • Encode our payload to send to our target.
  • Create hash values (MD5, SHA1, SHA256, etc.).
  • Use ‘Smart Decode’, which attempts to detect the encoding in use and decode the text automatically.
  • Edit the input byte-by-byte via the ‘Hex’ view.

Different types of decoding/encoding methods

  1. Plain: Plaintext is what we have before performing any transformations.
  2. URL encoding: Makes data safe to transfer in the URL of a web request. It is a useful method for any kind of application testing.
  3. HTML: Allows special characters in HTML to be rendered safely in HTML pages, and can be used to prevent attacks such as XSS.
  4. Base64: Encodes data in an ASCII-compatible format.
  5. ASCII Hex: Each character in the original data is taken individually and converted from its numeric ASCII value into hexadecimal.
  6. Hex, Octal, and Binary: Only apply to numeric inputs. They convert between decimal, hexadecimal, octal (base eight) and binary.
  7. Gzip: Compresses data; commonly used to reduce file sizes.

Useful tools:

GZip (https://codebeautify.org/gzip-decompress-online)
CyberChef (https://gchq.github.io/CyberChef/)
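To make the list above concrete, here is an added example (my own code, not from the TryHackMe room and not Burp Suite's implementation) that reproduces the Decoder transformations with the Python standard library and adds a small ‘Smart Decode’ that peels encodings off one layer at a time. The detection heuristics, the layer names and the sample strings are my own assumptions; Burp's real Smart Decode uses its own logic.

```python
"""Decoder transformations re-implemented with the Python standard library."""
import base64
import binascii
import gzip
import hashlib
import html
import re
from urllib.parse import quote, unquote

GZIP_MAGIC = b"\x1f\x8b"   # first two bytes of any gzip stream

# --- single transformations (Decoder's "Encode as" / "Decode as" menus) ----

def url_encode(text: str) -> str:
    return quote(text, safe="")          # safe="" also encodes "/", like a full URL-encode

def url_decode(text: str) -> str:
    return unquote(text)

def html_encode(text: str) -> str:
    return html.escape(text, quote=True)  # <, >, &, " and ' become entities

def html_decode(text: str) -> str:
    return html.unescape(text)

def base64_encode(data: bytes) -> str:
    return base64.b64encode(data).decode("ascii")

def base64_decode(text: str) -> bytes:
    return base64.b64decode(text, validate=True)

def ascii_hex_encode(data: bytes) -> str:
    return data.hex()                     # each byte -> two hex digits

def ascii_hex_decode(text: str) -> bytes:
    return bytes.fromhex(text)

def gzip_compress(data: bytes) -> bytes:
    return gzip.compress(data)

def gzip_decompress(data: bytes) -> bytes:
    return gzip.decompress(data)

def hash_digests(data: bytes) -> dict:
    """Hex digests of the hashes Decoder offers under 'Hash'."""
    return {name: hashlib.new(name, data).hexdigest() for name in ("md5", "sha1", "sha256")}

# --- a minimal 'Smart Decode' (my own heuristics, not Burp's) -------------

_HEX_RE = re.compile(r"^(?:[0-9a-fA-F]{2})+$")
_B64_RE = re.compile(r"^[A-Za-z0-9+/]+={0,2}$")
_URL_RE = re.compile(r"%[0-9a-fA-F]{2}")
_HTML_RE = re.compile(r"&(?:#\d+|#x[0-9a-fA-F]+|[A-Za-z]+);")

def _as_text(raw: bytes):
    """Return (text, suffix) if raw is printable UTF-8, gunzipping first when it is a
    gzip stream; return (None, "") so the caller can reject a false-positive decode."""
    suffix = ""
    if raw.startswith(GZIP_MAGIC):
        try:
            raw, suffix = gzip.decompress(raw), "+gzip"
        except (OSError, EOFError):
            return None, ""
    try:
        text = raw.decode("utf-8")
    except UnicodeDecodeError:
        return None, ""
    if all(c.isprintable() or c in "\r\n\t" for c in text):
        return text, suffix
    return None, ""

def smart_decode(text: str, max_rounds: int = 10) -> list:
    """Peel recognisable encodings one layer at a time; returns [(layer, decoded_text), ...]."""
    steps = []
    for _ in range(max_rounds):
        step = None
        if len(text) >= 4 and _HEX_RE.match(text):
            decoded, suffix = _as_text(bytes.fromhex(text))
            if decoded is not None:
                step = ("ascii-hex" + suffix, decoded)
        if step is None and len(text) >= 4 and len(text) % 4 == 0 and _B64_RE.match(text):
            try:
                decoded, suffix = _as_text(base64.b64decode(text, validate=True))
            except binascii.Error:
                decoded = None
            if decoded is not None:
                step = ("base64" + suffix, decoded)
        if step is None and _URL_RE.search(text):
            step = ("url", unquote(text))
        if step is None and _HTML_RE.search(text):
            step = ("html", html.unescape(text))
        if step is None:
            break                         # nothing recognisable left: stop
        steps.append(step)
        text = step[1]
    return steps

if __name__ == "__main__":
    # constructed input: URL-encoded text wrapped in base64
    for layer, value in smart_decode("SGVsbG8lMjB3b3JsZA=="):
        print(f"{layer:>10}: {value}")
```

The hex and base64 branches only accept a decode that yields printable text (or a gzip stream that gunzips to one), because short strings such as `Hell` are valid base64 for bytes that are just garbage; that check is what keeps a layered decode from wandering off into nonsense.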

Burp Suite: Comparer

Originally from TryHackMe — Burp Suite room (Comparer module)

Comparer allows us to:

  • Select two datasets for comparison.
  • Load data from a file for comparison.
  • Make a comparison by either words or bytes.

An example from TryHackMe — Burp Suite room (Comparer)

Comparer is useful for:

  • Comparing large data sets, as the differences can be easily identified.
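As an added example (my own code, not from the room or from Burp Suite), the word-versus-byte comparison can be reproduced with Python's `difflib`. The two HTTP responses below are constructed for the example, not captured from any target; the point is that a word-level comparison reports whole changed words, while a byte-level comparison of the same data fragments into single characters.

```python
"""Comparer-style diff of two datasets, by words or by bytes (standard library only)."""
import re
from difflib import SequenceMatcher

# Two constructed HTTP responses to compare (not captured from a real target).
RESPONSE_A = b"HTTP/1.1 200 OK\r\nContent-Length: 37\r\n\r\n<p>Login failed: unknown username</p>"
RESPONSE_B = b"HTTP/1.1 200 OK\r\nContent-Length: 35\r\n\r\n<p>Login failed: wrong password</p>"

def _tokens(data: bytes, mode: str) -> list:
    """Split the data into the units that will be compared."""
    if mode == "bytes":
        return list(data)                        # one token per byte
    if mode == "words":
        return re.findall(rb"\w+|\W+", data)     # words, and the separators between them
    raise ValueError(f"unknown mode {mode!r}")

def compare(a: bytes, b: bytes, mode: str = "words") -> list:
    """Return the differing regions as (op, text_from_a, text_from_b); equal regions are omitted."""
    ta, tb = _tokens(a, mode), _tokens(b, mode)
    join = bytes if mode == "bytes" else b"".join
    diffs = []
    for op, i1, i2, j1, j2 in SequenceMatcher(None, ta, tb, autojunk=False).get_opcodes():
        if op != "equal":
            diffs.append((op, join(ta[i1:i2]).decode("latin-1"), join(tb[j1:j2]).decode("latin-1")))
    return diffs

def summary(a: bytes, b: bytes) -> dict:
    """Count of differing regions under each comparison mode, like Comparer's two tabs."""
    return {mode: len(compare(a, b, mode)) for mode in ("words", "bytes")}

if __name__ == "__main__":
    for mode in ("words", "bytes"):
        print(f"--- {mode} ---")
        for op, left, right in compare(RESPONSE_A, RESPONSE_B, mode):
            print(f"{op:8} {left!r:>20} -> {right!r}")
```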

Burp Suite: Sequencer

From TryHackMe — Burp Suite room (Sequencer)

Sequencer allows us to:

  • Measure the entropy (randomness) of “tokens”.
  • Analyze the randomness of a session cookie or Cross-Site Request Forgery (CSRF) token.

Main methods to perform token analysis:

  1. Live Capture: Automatically making the same request (captured live in Proxy and sent to Sequencer) thousands of times and storing the generated token samples for analysis.
  2. Manual Load: Loading a list of pre-generated token samples, avoiding the need to make thousands of requests to our target.
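To show what "measuring the entropy of tokens" means in practice, here is an added example (my own code, not from the room or from Burp's Sequencer, which runs a much larger battery of statistical tests) that estimates per-position Shannon entropy over a sample of tokens and flags positions that barely change. The two token sets are constructed: a seeded random generator stands in for tokens you would collect through Live Capture or Manual Load, and the "weak" set is a deliberately predictable counter.

```python
"""Sequencer-style entropy estimate for a sample of tokens (standard library only)."""
import math
import random
from collections import Counter

def position_entropy(tokens: list, pos: int) -> float:
    """Shannon entropy, in bits, of the character seen at one position across all samples."""
    counts = Counter(t[pos] for t in tokens)
    n = len(tokens)
    return -sum(c / n * math.log2(c / n) for c in counts.values())

def analyse(tokens: list) -> dict:
    """Per-position entropies plus their sum, which estimates the usable bits in a token
    under the (optimistic) assumption that positions are independent of one another."""
    lengths = {len(t) for t in tokens}
    if len(lengths) != 1:
        raise ValueError("all sampled tokens must have the same length")
    length = lengths.pop()
    per_pos = [position_entropy(tokens, i) for i in range(length)]
    return {"length": length, "per_position": per_pos, "estimated_bits": sum(per_pos)}

def weak_positions(tokens: list, threshold: float = 1.0) -> list:
    """Positions whose observed entropy is below `threshold` bits (constant or nearly so)."""
    return [i for i, h in enumerate(analyse(tokens)["per_position"]) if h < threshold]

# Constructed samples standing in for tokens collected via Live Capture or Manual Load.
# A seeded generator keeps the example reproducible; real tokens come from the application.
_rng = random.Random(2023)
STRONG_TOKENS = ["".join(_rng.choice("0123456789abcdef") for _ in range(32)) for _ in range(500)]
WEAK_TOKENS = [f"SESSION{1000 + i}" for i in range(500)]   # fixed prefix + incrementing counter

if __name__ == "__main__":
    for name, sample in (("strong", STRONG_TOKENS), ("weak", WEAK_TOKENS)):
        report = analyse(sample)
        print(f"{name}: ~{report['estimated_bits']:.1f} bits over {report['length']} chars; "
              f"low-entropy positions: {weak_positions(sample)}")
```

With 500 samples the plug-in estimate sits slightly below the true value (a 16-symbol alphabet gives just under 4 bits per position), which is why real tools ask for thousands of tokens before drawing conclusions; the sum is also only an upper bound, since a counter like the weak set has far fewer than its per-position bits once the relationship between positions is taken into account.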

Burp Suite: Extender

From TryHackMe — Burp Suite room (Extender)

4 functions in Extender that were discussed in this room:

  1. Extensions: Lists the installed extensions and allows us to activate/deactivate them.
  2. BApp Store: Allows us to easily browse official extensions and integrate them seamlessly with Burp Suite.
  3. Jython: To use Python modules in Burp Suite.
  4. APIs: Existing modules that can be integrated with Burp Suite.

More information on Burp Suite extensions:
https://portswigger.net/burp/documentation/desktop/extensions/installing-extensions

Conclusion

In my own opinion, if you are planning to become a Penetration Tester, you must learn how to use Burp Suite and be familiar with it, especially the three functions that were mentioned above. Spend some time exploring Burp Suite in your own lab environment. Trust me, it will be worth it.

If you have any questions, feedback or tips, let me know in the comment section!
