Learn how to Intercept web traffic to and from the HacMe site using Vega as a proxy.
- [Lecturer] We can actively test a website with Vega by monitoring the traffic flowing between a browser and a website. Vega will look for security issues through passively scanning the pages it sees. And we can actively test for issues by manipulating request data. This is known as Proxy Mode Operation because we configure our browser to send HTTP requests to Vega which will then send them on to the internet. Likewise the responses will return to Vega and Vega will pass them back to our browser. This lets a pen tester review the full requests and response information to decide whether there are any security concerns.
If there are, they can be investigated as to whether they're exploitable. To use proxy mode, we need to configure Iceweasel to connect to the internet via Vega. Firstly, let's check what proxy port Vega expects to listen on. Let's open Window, Preferences and expand the Proxy item. We can click on Listener to see what Vega listens on, Port 8888 for outgoing web traffic. We could change this but it's fine as we can configure Iceweasel the same way. Okay, let's close this.
I'll select Iceweasel's options at the top right and select Preferences, Advanced, Network, Settings and set the Manual Proxy Configuration to 127.0.0.1, Port 8888. And I'll Use This Proxy Server For All Protocols, okay. That's it, Iceweasel is now in Proxy Mode. We can see at the bottom of the Vega window that the proxy server isn't running.
Let's start proxying. I'll select the Proxy tab at the top right and under the menu at the top left, there are now a set of proxy controls. I'll press the green start icon to start up the proxy server. We can now see at the bottom that the proxy is running on one listener. Back in Iceweasel, I'll now connect to the Hacme Casino. I'll log in as probably black jack. Browse on the site a while and perhaps do a bit of gambling.
Okay, back in Vega, we can see that 10.0.2.10 now appears on the left hand website view and then the get Requests in the top half of the proxy panel. When I select the Requests, its contents are presented in the bottom panel. I can switch it to the Response tab in the bottom panel and see the response that came back. Note that we have a red circle at the bottom left when I click on this, the Scanner Alerts panel comes up. This shows five issues relating to the pages we've visited which it detected as we were browsing. I'll press the circle again to close this.
Note: The topics in this course will prepare you for key objectives on the Certified Ethical Hacker exam. Find an overview of the certification and the exam handbook at https://www.eccouncil.org/programs/certified-ethical-hacker-ceh/.
- Dissecting HTTP/HTTPS protocol
- Working with WebSockets
- Understanding cookies
- Installing testing tools such as Hacme Casino and the Vega Scanner
- Running web application tests
- Practicing your skills