Burp Suite Tutorial [Hack Prices of Online Stores]

1
8835

Burp Suite, What the heck is it?

Burp Suite a suit of a number integrated tools which are used for security testing and vulnerability assessment. Burp suite is also used for various hacking purposes and is used by Hackers all around the world.

How to Change Prices of Online Products? (Introduction to Burp Proxy)

Burp Proxy is a tool which is a part of the set of tools integrated in Burp Suite and is used to intercept the traffic between the browser and the target application. This is used to perform a kind of man in the middle attack.

Limitation
This is effective when the data is not encrypted or a weak encryption is used by the website developer.
Please read the Disclaimer before reading further. This is strictly for educational purposes.

Steps:

1. Download the Burpsuite from here.

2. Open the tool and go to the proxy tab and in “options” column make sure “running” and “loopback only” are checked.

3. Now go to the target site and decide the item with whose price you want to play and add that item to your cart.

4. Now go to proxy setting of mozilla (mozilla should be you default browser if you are a techie) and make sure you have following setting.

mozilla configuration for burpsuite

5. Now as you can see below, this how is how your cart and price should look like.

www.hakcingtweaks.com hacking, prices of online prodcuts hack

6. Now in the proxy tab, make “interceptor on”.

bur proxy

7. Now go to the website and refresh the page, Firefox will ask for confirmation click on “resend” then.

8. Go to burpsuite and your interceptor tab will look something like this if the data is not using encryption.

burp suits tutorial

9. Simply change the price by editing it, I changed it to 0.03$ as you can see below and your task is done!!

www.hakcingtweaks.com hacking, prices of online prodcuts hack

This Article was Written by Shikhil Sharma

Shikhil Sharma is a young techie who has great interest in Cyber Security, Hacking, Penetration Testing, SEO, Vulnerability Assessment and loves to write about them.
Follow him on Facebook | Twitter

                 Website : Czar Securities