💡 Этот учебник переведен с английского с помощью ИИ. Чтобы просмотреть оригинал, вы можете перейти на английский оригинал
This lab introduces Hackbar, a powerful browser extension used by cybersecurity professionals for web application security testing. You will learn how to install and configure Hackbar, and use its features to test web applications for common security vulnerabilities. By the end of this lab, you will understand the basics of security testing and have practical experience with one of the most widely used security testing tools.
In this step, you will install the Hackbar extension in Firefox browser. Hackbar is a security testing tool that helps analyze and manipulate HTTP requests.
Browser extensions are small software programs that customize the browsing experience. Security extensions like Hackbar add specialized tools for security testing directly within your browser.
First, let's ensure Firefox is installed in our system:
sudo apt update
sudo apt install firefox -yAfter the command completes, you will see output indicating that Firefox has been installed or is already present.
We'll now install the Hackbar extension:
firefox &https://addons.mozilla.org/en-US/firefox/addon/hackbar/Click on the "Add to Firefox" button.
In the confirmation dialog that appears, click "Add" to confirm the installation.
After installation, you will see a notification that Hackbar has been added to Firefox.
To verify that Hackbar is properly installed:
Look for the Hackbar icon in the Firefox toolbar (usually appears as a small "HB" icon).
Click on the icon to open the Hackbar panel. You should see a toolbar with various security testing options appear below the address bar.
If you don't see the icon, click on the menu button (three horizontal lines in the top-right corner), select "Add-ons and themes", then click on "Extensions" to confirm Hackbar is listed.
The Hackbar interface consists of several sections:
Take a moment to explore the interface by clicking on different menu options to see what features are available.
Hackbar allows security professionals to:
Throughout this lab, you will learn how to use these features to conduct basic security tests.
In this step, you will learn how to use Hackbar for URL manipulation and encoding/decoding operations, which are fundamental skills for security testing.
For practice purposes, we will set up a simple test website. Open a new terminal and run:
mkdir -p ~/project/test-website
cd ~/project/test-websiteNow create a basic HTML file with a simple form:
cat > index.html << EOF
<!DOCTYPE html>
<html>
<head>
<title>Test Website</title>
</head>
<body>
<h1>Login Form</h1>
<form action="login.php" method="GET">
<label for="username">Username:</label>
<input type="text" id="username" name="username"><br><br>
<label for="password">Password:</label>
<input type="password" id="password" name="password"><br><br>
<input type="submit" value="Login">
</form>
</body>
</html>
EOFLet's start a simple HTTP server to host this page:
python3 -m http.server 8080You should see output indicating the server is running on port 8080:
Serving HTTP on 0.0.0.0 port 8080 (http://0.0.0.0:8080/) ...Open a new Firefox window (leave the server running in the terminal) and navigate to:
http://localhost:8080You should see a simple login form with username and password fields.
Now let's use Hackbar to manipulate the URL:
Click on the Hackbar icon to open the Hackbar panel.
Click on the "Load URL" button to load the current URL into Hackbar.
You should see http://localhost:8080 in the URL field of Hackbar.
Try modifying the URL by adding a path, for example:
http://localhost:8080/index.htmlFill in the login form with test credentials (e.g., username: "admin", password: "password") and click the Login button.
Observe the URL in the address bar. It should look something like:
http://localhost:8080/login.php?username=admin&password=passwordThe page will likely show a "Not Found" error because login.php doesn't exist, but we're interested in the URL structure.
Open Hackbar again and click "Load URL" to load this new URL.
Security testing often involves manipulating URL parameters:
In Hackbar, locate the URL field containing the login URL.
Try changing the username parameter:
username=admin to username=admin'This simple change adds a single quote character, which is a common technique for testing SQL injection vulnerabilities.
Hackbar offers various encoding/decoding options:
In Hackbar, click on the "Encoding" menu to see available options.
Try URL encoding:
test space & specialTry Base64 encoding:
hackbar testTry decoding:
These encoding/decoding functions are essential when testing web applications for security vulnerabilities, as they allow you to manipulate data in various formats.
When you have completed this step, return to the terminal where the Python HTTP server is running and press Ctrl+C to stop it.
In this step, you will learn how to perform basic security testing using Hackbar. You will set up a vulnerable practice environment and test for common security vulnerabilities.
For ethical security testing practice, we'll set up a simple vulnerable PHP application. First, let's create the necessary files:
cd ~/project/test-websiteNow, create a simple vulnerable PHP file:
cat > login.php << EOF
<?php
// This is an intentionally vulnerable script for educational purposes only
// Get the username from GET parameter
\$username = isset(\$_GET['username']) ? \$_GET['username'] : '';
\$password = isset(\$_GET['password']) ? \$_GET['password'] : '';
echo "<h1>Login Results</h1>";
// Vulnerable to SQL injection (DO NOT USE THIS IN PRODUCTION!)
echo "<div>SQL query that would be executed:</div>";
echo "<pre>SELECT * FROM users WHERE username = '\$username' AND password = '\$password'</pre>";
// Check for SQL injection attempts
if (strpos(\$username, "'") !== false || strpos(\$password, "'") !== false) {
echo "<p style='color:red'>SQL Injection detected! In a real application, this might exploit a vulnerability.</p>";
}
// XSS vulnerability demonstration
echo "<div>Welcome back, " . \$username . "!</div>";
?>
EOFLet's start the PHP development server to run our vulnerable application:
php -S localhost:8080You should see output indicating that the server is running:
PHP 7.x.x Development Server started at ...
Listening on http://localhost:8080
Document root is /home/labex/project/test-websiteSQL Injection is a common vulnerability where attackers can manipulate SQL queries through user inputs. Let's test for it:
Open Firefox and navigate to our test application:
http://localhost:8080/Enter "admin" as the username and "password" as the password, then click "Login".
You should be redirected to a page showing the SQL query that would be executed:
SELECT * FROM users WHERE username = 'admin' AND password = 'password'Now, let's try a basic SQL injection attack. Click on the Hackbar icon to open it.
Click "Load URL" to load the current URL into Hackbar.
In the URL field, locate the username parameter and modify it to:
username=admin' OR '1'='1The full URL should look like:
http://localhost:8080/login.php?username=admin' OR '1'='1&password=passwordClick "Execute" to send the modified request.
Observe the response. You should see the SQL injection detection message and the modified SQL query:
SELECT * FROM users WHERE username = 'admin' OR '1'='1' AND password = 'password'This demonstrates how SQL injection can potentially modify the query logic. In a real vulnerable application, this might bypass authentication.
Cross-Site Scripting (XSS) is another common vulnerability where attackers can inject client-side scripts into web pages. Let's test for it:
Open Hackbar and click "Load URL" to load the current URL.
Modify the username parameter to include a simple JavaScript alert:
username=<script>alert('XSS')</script>Click "Encode" → "URL encode selection" to URL-encode the script. This is necessary because special characters in URLs need to be encoded.
The encoded URL should look something like:
http://localhost:8080/login.php?username=%3Cscript%3Ealert%28%27XSS%27%29%3C%2Fscript%3E&password=passwordClick "Execute" to send the modified request.
If the application is vulnerable to XSS, you should see a JavaScript alert popup saying "XSS". Our simple PHP script demonstrates this vulnerability by directly outputting the username parameter without proper sanitization.
Hackbar offers several other useful features for security testing:
In Hackbar, click on the "Headers" tab.
You can add custom headers like "User-Agent" or "Referer" to test how the application handles different client information.
Add a custom header:
User-AgentHackbarTester/1.0Click "Execute" to send the request with the modified header.
In Hackbar, click on the "Cookies" tab.
Here you can view and modify existing cookies or add new ones.
Try adding a new cookie:
test_cookiehackbar_valueClick "Execute" to send the request with the modified cookie.
Remember these important ethical guidelines:
When you have completed this step, return to the terminal where the PHP server is running and press Ctrl+C to stop it.
In this lab, you learned how to use Hackbar, a powerful browser extension for security testing. You have acquired fundamental skills including:
These skills form the foundation of web application security testing. As you continue your cybersecurity journey, you can build upon these basics to develop more advanced security testing techniques. Remember that security testing should always be performed ethically, with proper authorization, and in compliance with relevant laws and regulations.