Burp Suite Session Poisoning

I am unfortunately not talking about poisoning a session to which you are connected – I’m talking about poisoning yourself during a session capture. I use Iceweasel on Kali Linux, and since it is essentially the same thing as Firefox, it copies the default behavior of showing you previews of other websites whenever you open a new tab. So I would open a new tab to try another page in isolation and would watch the site map explode with all sorts of annoying websites such as jQuery, Microsoft, ad sites, even Facebook, so I changed the settings to show a blank page instead.

I won’t knock on Offensive Security for not wanting to custom compile their own settings into Iceweasel for every distribution, but if you are using Kali, you may want to think about this before doing any application testing. It’s merely an annoyance at first, but I’m recording it so I don’t forget next time (I have some version of Kali on almost every device I own, whether as a dual-boot option, a virtual machine, or the base operating system).


Check Your Hash Values

I fully converted my Windows 8.1 virtual machine into a server box today and set up a default C#.NET website that can be accessed over my local network. In wanting to learn Burp Suite for application testing, I wanted to make sure I could build and test vulnerable applications, since I learn better that way.

Well, I realized there were a lot of things I would want to test over the network from my Windows laptop, but setting up the appropriate testing programs on the laptop just was not feasible. I had a Kali virtual machine installed, but loading it would often bring the system to a crawl, so I decided that dual booting Kali would be the best solution.

Several failed installs, two wasted DVD-Rs, and several hours later, I realized that the Kali ISO I was using was a partial download on my Linux box that had caused me some trouble in the past. And I had forgotten to delete it. My go-to ISO was on my other Windows box (you can tell I enjoy operating systems, no?), and it has the proper SHA1SUM.

Oh, and for the record, that sum for the 64-bit 2016.1 version is deaa41c5c8f26b7854cafb34b6f1b567871c4875. I had to use the Wayback Machine to get this, since they recently released the 64-bit 2016.2 version, which has a hash of 25cc6d53a8bd8886fcb468eb4fbb4cdfac895c65. Finding that online was nearly impossible, which is surprising to me but a good reminder that I am responsible for my own documentation.

Just one…

sudo dd if=<myfolder>/kali-linux-2016.1-amd64.iso of=/dev/sdf

…later, and things are happy.

So I just wanted to share: please check your hash values. And while you’re at it, don’t leave corrupted files around.
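
One way to make the hash check a gate in front of the dd step above, as an added example that is not part of the original post. The helper name verify_iso and the /dev/sdX placeholder are assumptions; the SHA-1 value is the one quoted in the post for the 2016.1 image.

```shell
#!/bin/sh
# Added example: refuse to use an ISO unless its SHA-1 matches the published value.
# verify_iso is a hypothetical helper name, not a Kali or coreutils tool.

# Published SHA-1 for kali-linux-2016.1-amd64.iso, as quoted in the post.
KALI_2016_1_SHA1="deaa41c5c8f26b7854cafb34b6f1b567871c4875"

# verify_iso FILE EXPECTED_SHA1
# Returns 0 on match, 1 on mismatch, 2 if the file is unreadable or the
# expected value is not a 40-digit hex string.
verify_iso() {
    file=$1
    # Normalise to lowercase so a hash pasted in uppercase still compares.
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')

    [ -r "$file" ] || { echo "cannot read $file" >&2; return 2; }
    case $expected in
        *[!0-9a-f]*|"") echo "expected value is not hex" >&2; return 2 ;;
    esac
    [ "${#expected}" -eq 40 ] || { echo "expected value is not 40 hex digits" >&2; return 2; }

    # sha1sum prints "<hash>  <name>"; keep only the hash field.
    actual=$(sha1sum "$file" | cut -d' ' -f1) || return 2

    if [ "$actual" = "$expected" ]; then
        echo "OK   $file"
        return 0
    fi
    # A partial download lands here: the name looks right, the hash does not.
    echo "FAIL $file: got $actual, expected $expected" >&2
    return 1
}

# Usage: chain the write onto the check so a bad image never reaches the device.
#   verify_iso kali-linux-2016.1-amd64.iso "$KALI_2016_1_SHA1" \
#       && sudo dd if=kali-linux-2016.1-amd64.iso of=/dev/sdX
```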