Enter the scan method "nmap -sU" (UDP scan), configure the host address to be scanned as "192.168.0.1", and then click the "Scan" button to start the scan. The scan results will be displayed below.
The Domain Name System (DNS) is similar to a phone book on the internet. When a user enters a URL (such as "google.com") into their browser, its record in the DNS server directs the user to Google's origin servers.
In the terminal of the Kali Linux host, enter the commands "nping -c1 --tcp -p80 --flags ack 192.168.0.1" and "nping -c1 --tcp -p135 --flags ack 192.168.0.1". This sends a TCP packet with the ACK flag set to ports 80 and 135 of the active host WinXP1.
By impersonating a domain name server and setting the IP address returned for a query to the attacker's IP address, the attacker ensures that users see only the attacker's homepage instead of the homepage of the website they wanted to access.
The Javassist library is used to generate a Java class dynamically. This class contains a constructor that performs a specific operation. Below, I will explain the function and components of this code in detail.
`ClassPool classPool = ClassPool.getDefault();`
This retrieves the default class pool. `ClassPool` is a Javassist class that manages the generated classes and bytecode.
`CtClass clazz = classPool.makeClass("A");`
`makeClass("A")` creates a new class named "A". `CtClass` is a Javassist class object that represents a Java class and can be used to modify the class's bytecode.
FastJSON bypasses resolveClass: Starting with FastJson version 1.2.49, the JSONArray and JSONObject classes have their own readObject method. Additionally, the resolveClass method is overridden in the SecureObjectInputStream class, which performs class checks by calling the checkAutoType method.
Modifying Client Request Interception
By adjusting the client request interception options in Burp Suite, you can control which requests are intercepted and viewed while you're working.
While you browse the internet and visit other websites, Burp Suite will intercept only items within its target scope.
Follow these steps to modify your settings:
Navigate to the "Proxy" tab at the top of the Burp Suite interface.
Select the Proxy Settings sub-tab to access Burp Proxy settings.
In the "Request Interception Rules" section, you can define the conditions for capturing requests.
Enable the "And URL Is in target scope" rule and click OK.
Make the same changes in the "Response Interception Rules" section.
Adding an SSL Certificate to Your Browser
We must add a certificate to our browser to intercept and analyze encrypted communication between the client and server.
When your browser requests a secure website (HTTPS), the transmission is encrypted using SSL/TLS. Burp Suite acts as a "man-in-the-middle" by intercepting and decrypting the communication using the generated certificate.
However, for this to happen, the client must trust the generated certificate. By importing Burp's CA certificate into the client's trust store, the client authorizes Burp Suite to perform the interception and decryption.