As I said before, one of the main features of the Zed Attack Proxy is, not surprisingly, being a personal proxy.

You can use it as a personal proxy to intercept and tamper with the HTTP and HTTPS traffic between the browser and the server.

We have already seen a personal proxy by now, which is Burp Suite. And the interception feature of ZAP works a little differently from Burp Suite. So let's see how ZAP intercepts the traffic.

So I want to start a new session to avoid the complexity. From the File menu, select New Session and click OK.

Now let's go to the Options panel. To open the panel, you can use the Options icon from the menu bar, which looks like a wheel. Alternatively, you can select Options from the Tools menu, or you can even use the key command Ctrl+Alt+O to open the Options panel. On the left side of the Options panel, select Local Proxies.

Here you see the local proxy address, which is the local machine by default, and the listening port, again 8080 by default.

ZAP starts to listen on port 8080 when it is started, so click OK to close the panel for now. But let's check to be sure that port 8080 is open.
Opening a terminal screen, use netstat -nlp to list the TCP ports which are in listening mode, and as you see, the state of port 8080 is LISTEN. And a Java application, ZAP, is listening on the port.

OK, so let's open a browser window now. Here is Firefox with the FoxyProxy plug-in installed, so right-click the fox icon. We already defined a proxy for port 8080 on the local machine. Select the proxy.

And now let's visit a site. Make sure you visit an HTTP page. We'll see intercepting HTTPS traffic with ZAP in the next lecture.

So I'll visit OWASP Broken Web Application. As you know, www.owaspbwa.com is mapped to the IP address of my OWASP BWA virtual machine. And visit a page on the OWASP BWA website. I click, for example, the OWASP WebGoat link.

So turn back to ZAP. You'll see that a www.owaspbwa.com folder is created and it has a WebGoat subfolder in it.

So now let's visit another page on the website. Click Damn Vulnerable Web Application. In the ZAP window, we have another subfolder for DVWA now.

In Firefox, I log in to DVWA and visit the XSS reflected page. Here it asks my name, and when I enter the name and click Submit, it says hello.
So go to the ZAP window. There is another subfolder with the name vulnerabilities under the DVWA subfolder. And here are the visited pages. I find the request for the reflected XSS page, right-click on it, select Break, and click Save.

Now there is a Breakpoints tab in the bottom pane, and the link of the XSS reflected page is here as a breakpoint.

So now go back to Firefox again and revisit the XSS reflected page. And as soon as we click the link, the ZAP window becomes the active one. Look at the right pane. There's a new tab called Break. And here is the request sent by the browser.

Now there are buttons on the menu bar. This one submits your changes on the request and steps to the next packet. And this one submits your changes and continues to the next breakpoint. Remember that difference. Now click them to release the traffic and go back to the browser.

Now on the reflected XSS page, I write Jack as the name and click Submit. So again the request is intercepted by ZAP, and here it is. I find the name parameter, change Jack to William, and click the Submit and Continue button.

So I go back to the browser. As you see, we submitted Jack from the browser, but the result is Hello, William.