-
Notifications
You must be signed in to change notification settings - Fork 0
/
ch01-set_up_lab
203 lines (107 loc) · 6.25 KB
/
ch01-set_up_lab
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
Setting Up Kali Linux and More
Lab Setup
In this course, we will be using Kali Linux as our operating system with tools like Postman, Burp Suite, Wfuzz, and Kiterunner. You may use any operating system that you would like, but the tools and techniques of this course will be demonstrated using Kali. The tools that we will be using are all free, but because of this benefit, there are some limitations. For example, the free community edition of Burp Suite throttles scans to the point where it becomes unrealistic to use in a professional setting. So, I do advise you to upgrade to professional/enterprise versions of applications when you move into that setting. For the purpose of this course, you will be able to learn the tools and techniques without paying for software upgrades.
Install a Hypervisor (VMware)
Download and install VMware to host your Kali Linux VM.
https://www.vmware.com/go/getplayer-win
Install Kali Linux
Download and Install the Kali VMWare 64-bit VM.
https://www.kali.org/get-kali/#kali-virtual-machines
For additional help with installation, please read the Kali.org docs (https://www.kali.org/docs/installation/).
User: kali
Pass: kali
Update Kali
Once you have your Kali VM up and running, open the Kali Linux Terminal and use the following commands to update your system:
$ sudo apt update -y
$ sudo apt upgrade -y
$ sudo apt dist-upgrade -y
Update User Accounts
When starting a new operating system it is always a great idea to update default credentials:
$ sudo passwd kali (enter in a new more complex password)
$ sudo useradd -m hapihacker
$ sudo usermod -a -G sudo hapihacker
$ sudo chsh -s /bin/zsh hapihacker
Burp Suite Community Edition
Burp Suite should come stock with the latest version of Kali, but if it does not then use the following command:
$ sudo apt-get install burpsuite -y
Download Jython (https://www.jython.org/download.html) and add the .jar file to the Extender Options:
Under the Extender BApp Store search for Autorize and install the extension.
Foxy Proxy Standard
While Firefox is open use the shortcut CTRL+Shift+A or navigate to https://addons.mozilla.org/en-US/firefox/addon.
Search for FoxyProxy Standard.
Add FoxyProxy to Firefox.
Install FoxyProxy Standard and add it to your browser.
Click the fox icon at the top-right corner of your browser (next to the URL) and select Options.
Select Proxies >Add New Proxy >Manual Proxy Configuration.
Add 127.0.0.1 as the host IP address.
Update the port to 8080 (Burp Suite’s default proxy settings).
Under the General tab, rename the proxy to BurpSuite.
Add a second new proxy:
Add 127.0.0.1 as the host IP address.
Update the port to 5555
Under the General tab, rename the proxy to Postman
Burp Suite Certificate
Start Burp Suite.
Open your browser of choice.
Using FoxyProxy, select the BurpSuite proxy. Navigate to http://burpsuite and click the CA Certificate. This should initiate the download of the Burp Suite CA certificate.
Save the certificate somewhere you can find it.
Open your browser and import the certificate. In Firefox, open Preferences and use the search bar to look up certificates. Import the certificate.
In Chrome, open Settings, use the search bar to look up certificates,
select More>Manage Certificates>Authorities, and import the certificate. If you do not see the BurpSuite cacert.der certificate. (You may need to expand the file type options to “DER” or “All files").
Now that you have the PortSwigger CA certificate added to your browser, you should be able to intercept traffic without experiencing issues.
MITMweb Certificate Setup
Now we will also import the cert for MITMweb through a very similar process.
Stop burpsuite (it's listening on 8080 and mitmweb needs that to work)
Start mitmweb from the terminal:
$mitmweb
Use FoxyProxy in Firefox to send traffic to the BurpSuite proxy (8080).
Using Firefox Visit mitm.it.
Download the mitmproxy-ca-cert.pem for Firefox.
Return to the Firefox certificates (see Burp Suite Certificate instructions).
Import the MITMweb (mitmproxy-ca-cert.pem) certificate.
Install Postman
$ sudo wget https://dl.pstmn.io/download/latest/linux64 -O postman-linux-x64.tar.gz && sudo tar -xvzf postman-linux-x64.tar.gz -C /opt && sudo ln -s /opt/Postman/Postman /usr/bin/postman
Install mitmproxy2swagger
$ sudo pip3 install mitmproxy2swagger
Install Git
$ sudo apt-get install git
Install Docker
$ sudo apt-get install docker.io docker-compose
Install Go
$ sudo apt install golang-go
The JSON Web Token Toolkit v2
$ cd /opt
$ sudo git clone https://github.com/ticarpi/jwt_tool
$ cd jwt_tool
$ python3 -m pip install termcolor cprint pycryptodomex requests
(Optional) Make an alias for jwt_tool.py
$ sudo chmod +x jwt_tool.py
$ sudo ln -s /opt/jwt_tool/jwt_tool.py /usr/bin/jwt_tool
Install Sublime Text
Install the GPG key:
$ wget -qO - https://download.sublimetext.com/sublimehq-pub.gpg | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/sublimehq-archive.gpg > /dev/null
Select the Stable channel:
$echo "deb https://download.sublimetext.com/ apt/stable/" | sudo tee /etc/apt/sources.list.d/sublime-text.list
Update apt sources and install Sublime Text:
$sudo apt-get update
$sudo apt-get install sublime-text
Install Kiterunner
$ sudo git clone https://github.com/assetnote/kiterunner.git
$ cd kiterunner
$ sudo make build
$ sudo ln -s /opt/kiterunner/dist/kr /usr/bin/kr
Install Arjun
$ sudo git clone https://github.com/s0md3v/Arjun.git
Install OWASP ZAP
$ sudo apt install zaproxy
Once ZAP is installed, make sure to navigate to the Manage Add-Ons (CTRL+U). Make sure to apply updates for the Fuzzer and OpenAPI Support.
Useful Wordlists
SecLists (https://github.com/danielmiessler/SecLists)
$ sudo wget -c https://github.com/danielmiessler/SecLists/archive/master.zip -O SecList.zip \
&& sudo unzip SecList.zip \
&& sudo rm -f SecList.zip
Hacking-APIs (https://github.com/hAPI-hacker/Hacking-APIs)
$ sudo wget -c https://github.com/hAPI-hacker/Hacking-APIs/archive/refs/heads/main.zip -O HackingAPIs.zip \
&& sudo unzip HackingAPIs.zip \
&& sudo rm -f HackingAPIs.zip
Once you have these tools installed and updated you should be ready to proceed to the next module.