hack the box ~The Road to Becoming a Wizard~ (Part 18) Burp Suite Environment Setup

Introduction

Last time, while working on UnderConstruction on HTB, I got stuck on Burp Suite, so this time I will go over how to use it.

hack the box ~The Road to Becoming a Wizard~ (Part 17) Under Construction (Part 1)
This time I would like to work through Under Construction from the Beginner Track, using it as a reference.

Installing wget

┌──(maki㉿kali)-[~]
└─$ sudo apt -y install wget
[sudo] password for maki: 
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following package was automatically installed and is no longer required:
  libdrm-intel1
Use 'sudo apt autoremove' to remove it.
The following packages will be upgraded:
  wget
1 upgraded, 0 newly installed, 0 to remove and 867 not upgraded.
Need to get 984 kB of archives.
After this operation, 0 B of additional disk space will be used.
Get:1 http://http.kali.org/kali kali-rolling/main amd64 wget amd64 1.21.3-1+b2 [984 kB]
Fetched 984 kB in 1s (865 kB/s)
(Reading database ... 560708 files and directories currently installed.)
Preparing to unpack .../wget_1.21.3-1+b2_amd64.deb ...
Unpacking wget (1.21.3-1+b2) over (1.21.3-1+b1) ...
Setting up wget (1.21.3-1+b2) ...
Processing triggers for install-info (6.8-6) ...
Processing triggers for kali-menu (2022.2.0) ...
Processing triggers for man-db (2.10.2-1) ...

Downloading google-chrome with wget

┌──(maki㉿kali)-[~]
└─$ wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb
--2022-08-19 19:11:35--  https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb
Resolving dl.google.com (dl.google.com)... 142.250.206.238, 2404:6800:400a:804::200e
Connecting to dl.google.com (dl.google.com)|142.250.206.238|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 89863696 (86M) [application/x-debian-package]
Saving to: 'google-chrome-stable_current_amd64.deb'

google-chrome-stable_current_amd64.deb                    100%[=====================================================================================================================================>]  85.70M  6.73MB/s    in 12s     

2022-08-19 19:11:48 (7.10 MB/s) - 'google-chrome-stable_current_amd64.deb' saved [89863696/89863696]

Installing google-chrome

┌──(maki㉿kali)-[~]
└─$ sudo apt install ./google-chrome-stable_current_amd64.deb
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Note, selecting 'google-chrome-stable' instead of './google-chrome-stable_current_amd64.deb'
The following package was automatically installed and is no longer required:
  libdrm-intel1
Use 'sudo apt autoremove' to remove it.
The following additional packages will be installed:
  libu2f-udev
The following NEW packages will be installed:
  google-chrome-stable libu2f-udev
0 upgraded, 2 newly installed, 0 to remove and 867 not upgraded.
Need to get 6300 B/89.9 MB of archives.
After this operation, 294 MB of additional disk space will be used.
Do you want to continue? [Y/n] Y
Get:1 http://ftp.riken.jp/Linux/kali kali-rolling/main amd64 libu2f-udev all 1.1.10-3 [6300 B]
Get:2 /home/maki/google-chrome-stable_current_amd64.deb google-chrome-stable amd64 104.0.5112.101-1 [89.9 MB]
Fetched 6300 B in 5s (1208 B/s)
Selecting previously unselected package google-chrome-stable.
(Reading database ... 560708 files and directories currently installed.)
Preparing to unpack .../google-chrome-stable_current_amd64.deb ...
Unpacking google-chrome-stable (104.0.5112.101-1) ...
Selecting previously unselected package libu2f-udev.
Preparing to unpack .../libu2f-udev_1.1.10-3_all.deb ...
Unpacking libu2f-udev (1.1.10-3) ...
Setting up google-chrome-stable (104.0.5112.101-1) ...
update-alternatives: using /usr/bin/google-chrome-stable to provide /usr/bin/x-www-browser (x-www-browser) in auto mode
update-alternatives: using /usr/bin/google-chrome-stable to provide /usr/bin/gnome-www-browser (gnome-www-browser) in auto mode
update-alternatives: using /usr/bin/google-chrome-stable to provide /usr/bin/google-chrome (google-chrome) in auto mode
Setting up libu2f-udev (1.1.10-3) ...
Processing triggers for mailcap (3.70+nmu1) ...
Processing triggers for kali-menu (2022.2.0) ...
Processing triggers for desktop-file-utils (0.26-1) ...
Processing triggers for man-db (2.10.2-1) ...
N: Download is performed unsandboxed as root as file '/home/maki/google-chrome-stable_current_amd64.deb' couldn't be accessed by user '_apt'. - pkgAcquire::Run (13: Permission denied)

Launching google-chrome

┌──(maki㉿kali)-[~]
└─$ google-chrome
libva error: vaGetDriverNameByIndex() failed with unknown libva error, driver_name = (null)
[2392:2392:0819/193253.714978:ERROR:gpu_memory_buffer_support_x11.cc(44)] dri3 extension not supported.
[2432:8:0819/193253.900302:ERROR:command_buffer_proxy_impl.cc(128)] ContextResult::kTransientFailure: Failed to send GpuControl.CreateCommandBuffer.
Fontconfig error: Cannot load default config file: No such file: (null)
[2392:2392:0819/195229.815503:ERROR:gl_utils.cc(319)] [.WebGL-0x19dc003be200]GL Driver Message (OpenGL, Performance, GL_CLOSE_PATH_NV, High): GPU stall due to ReadPixels
[2392:2392:0819/195230.156634:ERROR:gl_utils.cc(319)] [.WebGL-0x19dc003be200]GL Driver Message (OpenGL, Performance, GL_CLOSE_PATH_NV, High): GPU stall due to ReadPixels
[2392:2392:0819/195230.237719:ERROR:gl_utils.cc(319)] [.WebGL-0x19dc003be200]GL Driver Message (OpenGL, Performance, GL_CLOSE_PATH_NV, High): GPU stall due to ReadPixels
[2392:2392:0819/195230.331717:ERROR:gl_utils.cc(319)] [.WebGL-0x19dc003be200]GL Driver Message (OpenGL, Performance, GL_CLOSE_PATH_NV, High): GPU stall due to ReadPixels (this message will no longer repeat)

It launched without problems.

Launching Burp Suite

┌──(maki㉿kali)-[~]
└─$ burpsuite 
Picked up _JAVA_OPTIONS: -Dawt.useSystemAAFontSettings=on -Dswing.aatext=true
Your JRE appears to be version 11.0.16 from Debian
Burp has not been fully tested on this platform and you may experience problems.

Once it started, I began from the "Proxy" tab, launched the browser, and pasted in the URL, and I was able to intercept without problems.

