How to tamper data of a website using Burp Suite

Burp Suite is a tool developed by Portswigger, which is used for penetration testing of web applications. We can perform lots of tasks using burp suite like modification, brute force attack, crawling, etc. It is generally used by security researchers to check possible vulnerability in a website.

In this post we will show you how to tamper data of a website using Burp Suite.

Tamper data of a website using Burp Suite in just 15 steps!

Step 1: Open Burp Suite Community edition in your computer.

How to tamper data of a website using Burp Suite


Step 2: A dashboard will open like this, Go to "Proxy" option present at third number.

How to tamper data of a website using Burp Suite

Step 3: After opening Proxy Tab, click on "interception" button to turn it on.

How to tamper data of a website using Burp Suite


Step 4: Now go to your browser (here Mozilla Firefox) then go to proxy setting to change “Manual Proxy configuration” from “User system Proxy setting”

It’s very important to set proxy at same IP and Port as that of Burp Suite, only then Burp Suite will be able to intercept packets. Moreover, Burp Suite will only work on HTTP websites, to intercept HTTPS (secure) websites like rsmalls.com, you have to install a CA certificate in your Browser.

How to tamper data of a website using Burp Suite


Step 5: Now open given website rsmalls.com 

How to tamper data of a website using Burp Suite


Step 6: A window will pop up in which Price of the given item (gold) is given. Choose the number of units, quality of gold (in terms of M), etc. then click on “BUY NOW”.

How to tamper data of a website using Burp Suite


Step 7: After clicking BUY NOW, new window will not load until we will forward this packet from Burp Suite. Since the interception is turned on, so it will show the details of the packet.

How to tamper data of a website using Burp Suite


Step 8: Now go to “Params” section next to raw to modify the packet. You will see all details of the packet and now look for the Price and change it to your desired value.

How to tamper data of a website using Burp Suite


Step 9: Change the PRICE to 00.00 (or any desired value) and forward the packet.

How to tamper data of a website using Burp Suite


Step 10: Bingo!! Price of the item modified successfully. Now, fill the bill details like Name, E-mail address, etc and click to "PROCEED".

How to tamper data of a website using Burp Suite


Step 11: You will be directed again to Burp Suite. Just forward all the packets without making any changes.

How to tamper data of a website using Burp Suite


Step 12: Forward this packet too.

How to tamper data of a website using Burp Suite


Step 13: You will be directed to final checkout process of the item. Now, click to “continue” for the payment.

How to tamper data of a website using Burp Suite


Step 14: Again, forward all the packets by clicking “Forward” option repeatedly.

How to tamper data of a website using Burp Suite


Step 15: Finally, we reached to the payment gateway to pay 00.00 amount. So, this is the whole procedure to modify a packet in the given website.

How to tamper data of a website using Burp Suite


Sadly, you won't be able to purchase anything using this technique as website are now less vulnerable. But yes this is a great technique for educational purposes.

Cheers

Sciencedoze.com 

Popular Posts

Conducting Polymers: Definition, Examples, Properties and Applications

Image
What are Conducting Polymers? As the name suggests organic polymers that conduct electricity are known as conducting polymers. They are also known as intrinsically conducting polymers (ICPs) and they have alternating single and double bonds along the polymer backbone (conjugated bonds) or that are composed of aromatic rings such as Phenylene, naphthalene, anthracene, pyrrole, and thiophene which are connected through carbon-carbon single bonds. Examples: Polyacetylene, Polypyrrole, Polyaniline, etc What is the reason behind conducting nature of these polymers? Conducting polymers comes in two forms that are doped conducting polymers and non-doped conducting polymers. The conductivity of non-doped conjugated polymers is due to the existence of a conductivity band similar to a metal. In a conjugated polymer, three of the four valence electrons form strong sigma bonds through sp² hybridization where electrons are strongly localized. The remaining unpaired electron of each carbon atom re
Read more

Crime Scene: Definition, Types and Characteristics

Image
What is a Crime Scene ? A place where the crime is committed or where the maximum physical evidence related to crime is found is known as a crime scene. A crime scene is a starting point of the investigation which provides information about the suspect and the victim. This helps to reconstruct the crime and fast resolution of the case. It is noted that the crime scene is not limited to a single place but may extend to a wider area depending upon the nature of the crime committed. For example, In a murder case where murder is done at one place and the body is disposed on another place. In this case, we have two crime scenes that give information about the crime. Types of Crime Scene Based on evidence found on the crime scene: 1. Primary Crime Scene The crime scene where the actual crime occurred or where more usable pieces of evidence were found is known as the primary crime scene. For example, A murder scene, theft, assault, etc. 2. Secondary Crime Scene The crime scene which is some
Read more

Documentation of the Crime Scene: Step by Step

Image
What is documentation of the crime scene and Why it is done? After securing the crime scene, the next most important step is documentation of the crime scene because documentation permanently records the crime scene and its physical evidence. Documentation should be done without any wastage of time as the scene and its evidence may get altered over time. The documentation should be done innovatively and the originality of the crime scene should be maintained and documentation should not have pauses or breaks, it should remain constant till the whole crime scene is documented. There are four main tasks of documentation that is note-making, photography, videography , and sketching . It should be noted that all four tasks are necessary and none is a substitute for another. For example, notes are not substitutes for photography, video is not a substitute for sketching, etc. Following are the sequence for crime scene documentation: 1. Note making Documentation of crime scene in the f
Read more