# Burp Suite: Intruder

**Task 1: Introduction**

<figure><img src="https://3402520177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F6s691pQpzN41rNo5Bip4%2Fuploads%2FfYhMUylUlXSycIARDNu4%2Fimage.png?alt=media&#x26;token=7f32f168-161c-4548-b35e-b26d948f0b25" alt=""><figcaption></figcaption></figure>

**Task 2: What is Intruder**

<figure><img src="https://3402520177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F6s691pQpzN41rNo5Bip4%2Fuploads%2Fvu43zcDbYa7vhfNHpo5Y%2Fimage.png?alt=media&#x26;token=c013562f-3a33-404b-844a-4f4eeba1341e" alt=""><figcaption></figcaption></figure>

<figure><img src="https://3402520177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F6s691pQpzN41rNo5Bip4%2Fuploads%2F6sUdnDH6bxNqGcvMwrNR%2Fimage.png?alt=media&#x26;token=9ac1d971-e349-4045-95ae-ceef2d8cebcc" alt=""><figcaption></figcaption></figure>

**Task 3: Positions**

<figure><img src="https://3402520177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F6s691pQpzN41rNo5Bip4%2Fuploads%2FrSGAakMwRApjNiY3K1Rx%2Fimage.png?alt=media&#x26;token=70a6c7df-0265-4eaf-b542-548f09f99d93" alt=""><figcaption></figcaption></figure>

<figure><img src="https://3402520177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F6s691pQpzN41rNo5Bip4%2Fuploads%2FoUWRlHMK8ejejjFMnLPw%2Fimage.png?alt=media&#x26;token=966f6451-4d2f-4d11-af6a-4508b01ab0cb" alt=""><figcaption></figcaption></figure>

**Task 4: Payloads**

<figure><img src="https://3402520177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F6s691pQpzN41rNo5Bip4%2Fuploads%2FpTEVsvhDELpzBs8ufKuO%2Fimage.png?alt=media&#x26;token=2956978f-a30a-42da-89a5-b5457d28ec39" alt=""><figcaption></figcaption></figure>

<figure><img src="https://3402520177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F6s691pQpzN41rNo5Bip4%2Fuploads%2FxUph9uwPcgDO5Sy856iy%2Fimage.png?alt=media&#x26;token=5122d4bc-0c94-4d7b-b8e9-cb5758aa3a3b" alt=""><figcaption></figcaption></figure>

<figure><img src="https://3402520177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F6s691pQpzN41rNo5Bip4%2Fuploads%2FcAOaBdq3m94FKMBkuAx6%2Fimage.png?alt=media&#x26;token=80277065-0ff3-427a-8e9a-0c100b881bc7" alt=""><figcaption></figcaption></figure>

<figure><img src="https://3402520177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F6s691pQpzN41rNo5Bip4%2Fuploads%2FVgzIjGI7Wv9zuRfT0rXG%2Fimage.png?alt=media&#x26;token=bd89fd51-50be-4c41-b50c-2ec24a4f93f5" alt=""><figcaption></figcaption></figure>

**Task 5: Sniper**

<figure><img src="https://3402520177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F6s691pQpzN41rNo5Bip4%2Fuploads%2FAlAaaBzaDtSYBH0txtkM%2Fimage.png?alt=media&#x26;token=4b1f5e9e-5ad8-417a-acab-80931d08766f" alt=""><figcaption></figcaption></figure>

<figure><img src="https://3402520177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F6s691pQpzN41rNo5Bip4%2Fuploads%2FsQqmx6tBSQ9jtpFZ44D8%2Fimage.png?alt=media&#x26;token=5bd2a72e-82c7-4352-92a4-4f4c7a308908" alt=""><figcaption></figcaption></figure>

<figure><img src="https://3402520177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F6s691pQpzN41rNo5Bip4%2Fuploads%2FJ1NfrRAcktXnPvbkPpPI%2Fimage.png?alt=media&#x26;token=6e8e6fad-dcbf-4301-a484-64ca1c7ee51a" alt=""><figcaption></figcaption></figure>

**Task 6: Battering Ram**

<figure><img src="https://3402520177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F6s691pQpzN41rNo5Bip4%2Fuploads%2FPZRs2WjuIsWI7zl9ec9j%2Fimage.png?alt=media&#x26;token=31887d94-a41a-48ae-b6c2-610c27274cbe" alt=""><figcaption></figcaption></figure>

<figure><img src="https://3402520177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F6s691pQpzN41rNo5Bip4%2Fuploads%2FM82w8XanT6Lp1HHyUsSo%2Fimage.png?alt=media&#x26;token=2728c499-ad51-4cd3-9f7a-2d86befe5458" alt=""><figcaption></figcaption></figure>

**Task 7: Pitchfork**

<figure><img src="https://3402520177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F6s691pQpzN41rNo5Bip4%2Fuploads%2F6PGMhHdNFOfOC89JHw5d%2Fimage.png?alt=media&#x26;token=86a7c133-059b-4b00-b11f-fc14d96ece55" alt=""><figcaption></figcaption></figure>

<figure><img src="https://3402520177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F6s691pQpzN41rNo5Bip4%2Fuploads%2F6qY6FHtDlHK2DJTDgPY0%2Fimage.png?alt=media&#x26;token=34b1b933-8cb7-4eb4-ae7e-5709bd0adfdc" alt=""><figcaption></figcaption></figure>

**Task 8: Cluster Bomb**

<figure><img src="https://3402520177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F6s691pQpzN41rNo5Bip4%2Fuploads%2FBpBSO7xuvi6FKFGc7Tuj%2Fimage.png?alt=media&#x26;token=535e3bab-60b8-434d-8481-8ec121287715" alt=""><figcaption></figcaption></figure>

<figure><img src="https://3402520177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F6s691pQpzN41rNo5Bip4%2Fuploads%2FsmA680PZKPdZruD0HAnh%2Fimage.png?alt=media&#x26;token=d47ff7cb-2e76-4ad6-92e1-3d641004aba3" alt=""><figcaption></figcaption></figure>

**Task 9: Introduction to Attack Types**

<figure><img src="https://3402520177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F6s691pQpzN41rNo5Bip4%2Fuploads%2F0LIdkIP2gkqffYURHRVc%2Fimage.png?alt=media&#x26;token=18b9a239-1420-42e4-9dc7-9215f712d4f2" alt=""><figcaption></figcaption></figure>

**Task 10: Practical Example**

First, we have to download the leaked Bastion Hosting credentials.

We will use the wget command to retrieve the zip file and then unzip it:

```
wget http://10.10.114.29:9999/Credentials/BastionHostingCreds.zip
unzip BastionHostingCreds.zip
```

<figure><img src="https://3402520177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F6s691pQpzN41rNo5Bip4%2Fuploads%2FVxu2SQivOOKrH5Vpj71D%2Fimage.png?alt=media&#x26;token=a1ebb7e6-b627-4045-a1ce-0c9e20349619" alt=""><figcaption></figcaption></figure>

Then, in the login form, we enter some random values in the username and password parameters.

<figure><img src="https://3402520177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F6s691pQpzN41rNo5Bip4%2Fuploads%2FCHrzCHBYZN3WJCviIz39%2Fimage.png?alt=media&#x26;token=1345c9fd-a30d-436e-a744-361e912b0bb3" alt=""><figcaption></figcaption></figure>

We capture the POST request from the website using Burp Suite and forward it to the Intruder section.

<figure><img src="https://3402520177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F6s691pQpzN41rNo5Bip4%2Fuploads%2FgkCF7tirvvIPaZFLQBOG%2Fimage.png?alt=media&#x26;token=71b945ab-21ec-4336-90af-d2712b3015be" alt=""><figcaption></figcaption></figure>

Then we put the section sign symbol (§) in both the username and password, as you can see below.

We are also going to use the Pitchfork attack type, which reads username.txt and password.txt simultaneously: it inserts the words from each wordlist into the given parameters at the same time.

<figure><img src="https://3402520177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F6s691pQpzN41rNo5Bip4%2Fuploads%2FD7RNYp8TtUORiMJ9KsWZ%2Fimage.png?alt=media&#x26;token=bc1b6645-9c59-41a8-9058-658ce8f253e6" alt=""><figcaption></figcaption></figure>

For the first payload set, we specify username.txt, which goes to the username parameter.

<figure><img src="https://3402520177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F6s691pQpzN41rNo5Bip4%2Fuploads%2FLAC44pjkO9eWWuQzmxLx%2Fimage.png?alt=media&#x26;token=896ba673-6718-47ad-8582-e64a96211c77" alt=""><figcaption></figcaption></figure>

For the second payload set, we specify password.txt, which goes to the password parameter.

<figure><img src="https://3402520177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F6s691pQpzN41rNo5Bip4%2Fuploads%2FV7g97Qf5Eyzpk1yKLi3s%2Fimage.png?alt=media&#x26;token=9b057afe-4480-4f91-b135-436f6d131555" alt=""><figcaption></figcaption></figure>

After that, we start the attack. We can see that one response to the POST request has a different length in bytes. That tells us the credential actually went through the system and did not return a fail status.

<figure><img src="https://3402520177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F6s691pQpzN41rNo5Bip4%2Fuploads%2FgE5enwxp10tbzMxQSk1c%2Fimage.png?alt=media&#x26;token=e2dc8572-960f-4352-8d12-9065b7cc4c20" alt=""><figcaption></figcaption></figure>

<figure><img src="https://3402520177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F6s691pQpzN41rNo5Bip4%2Fuploads%2FfkHL1UjX65Jg39m6Hnvy%2Fimage.png?alt=media&#x26;token=8ba104c9-ea08-4340-aea8-0c54ceb89ae1" alt=""><figcaption></figcaption></figure>
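
How the four attack types from Tasks 5 to 8 turn payload sets into requests, and why Pitchfork fits a leaked list whose rows line up, shown as an added example (not Burp's code and not part of the original write-up). The usernames, passwords and function names are constructed for illustration.

```python
from itertools import product

# Constructed sample data (not the room's leaked list): row i of each list
# belongs to the same account, which is why Pitchfork is the right fit.
USERNAMES = ["a.example", "b.example", "c.example"]
PASSWORDS = ["pw-one", "pw-two", "pw-three"]
BASE = ("test", "test")  # values typed into the form before the capture


def sniper(base, payloads):
    """One payload set; fill one position at a time, others keep the base value."""
    for pos in range(len(base)):
        for payload in payloads:
            request = list(base)
            request[pos] = payload
            yield tuple(request)


def battering_ram(base, payloads):
    """One payload set; the same payload goes into every position at once."""
    for payload in payloads:
        yield tuple(payload for _ in base)


def pitchfork(*payload_sets):
    """One set per position, read in lockstep; ends when the shortest set ends."""
    yield from zip(*payload_sets)


def cluster_bomb(*payload_sets):
    """One set per position; every combination (order here is itertools' own)."""
    yield from product(*payload_sets)


def request_counts():
    """Number of requests each attack type would send for the sample data."""
    return {
        "sniper": len(list(sniper(BASE, USERNAMES))),
        "battering_ram": len(list(battering_ram(BASE, USERNAMES))),
        "pitchfork": len(list(pitchfork(USERNAMES, PASSWORDS))),
        "cluster_bomb": len(list(cluster_bomb(USERNAMES, PASSWORDS))),
    }


if __name__ == "__main__":
    print(request_counts())
    for pair in pitchfork(USERNAMES, PASSWORDS):
        print(pair)
```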

**Task 11: Practical Challenge**

First, we have to log in so that we have a user on the website:

* m.rivera
* letmein1

<figure><img src="https://3402520177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F6s691pQpzN41rNo5Bip4%2Fuploads%2FNjk1rb1Tw0WEMIjFU8C6%2Fimage.png?alt=media&#x26;token=ea841706-f86f-4435-a666-20c42500354a" alt=""><figcaption></figcaption></figure>

Once logged in, we see the support section of the website, where we can see a bunch of assigned tickets.

<figure><img src="https://3402520177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F6s691pQpzN41rNo5Bip4%2Fuploads%2F8ruGyfCfvl2GGqnSa0K9%2Fimage.png?alt=media&#x26;token=276417bc-c146-4622-844d-4513b676db24" alt=""><figcaption></figcaption></figure>

Looking at ticket 78, we can see a query, or the message from the email.

As you can see at the top, we can change the parameter from 78 to any number we want.

<figure><img src="https://3402520177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F6s691pQpzN41rNo5Bip4%2Fuploads%2FhrWUmuzqFeIxTAwEhPd9%2Fimage.png?alt=media&#x26;token=ce1d1895-e131-479a-aded-4d1873c55ea3" alt=""><figcaption></figcaption></figure>

Therefore, we intercept the GET request from the website so that we can navigate to different ticket numbers ranging from 1 to 100.

<figure><img src="https://3402520177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F6s691pQpzN41rNo5Bip4%2Fuploads%2FdFqnObdFwA4g0VGkai1v%2Fimage.png?alt=media&#x26;token=1ac897f0-658a-4c63-a66f-557e166ed2b8" alt=""><figcaption></figcaption></figure>

Then we forward this to Intruder so that we can fuzz the number.

<figure><img src="https://3402520177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F6s691pQpzN41rNo5Bip4%2Fuploads%2FqjcLJm84EuRpstwxTQBG%2Fimage.png?alt=media&#x26;token=c7dd746b-da33-4a1b-87aa-23c1cb8814a9" alt=""><figcaption></figcaption></figure>

But first, I actually made a Python script that creates a number list ranging from 1 to 100 and saves it to a txt file.

<figure><img src="https://3402520177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F6s691pQpzN41rNo5Bip4%2Fuploads%2FIoKEMIfPKBlEi7C7Bz3V%2Fimage.png?alt=media&#x26;token=b09349af-9ca6-49c7-aee4-efdac6bfb22f" alt=""><figcaption></figcaption></figure>

```
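# Write the numbers 1 to 100, one per line, for use as an Intruder payload list.
with open("python1to100.txt", "w") as file:
    for number in range(1, 101):
        file.write(str(number) + "\n")
        print(number)  # echo each number so progress is visible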
```

After making the number list, we insert it into the payload settings in Burp.

<figure><img src="https://3402520177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F6s691pQpzN41rNo5Bip4%2Fuploads%2F3ZHW16PwDGtZb0GegneM%2Fimage.png?alt=media&#x26;token=e71d76bd-dab7-4035-bb64-2c03f6c2d7f5" alt=""><figcaption></figcaption></figure>

We start the attack and can see that we got a bunch of 200 HTTP status codes; one of the GET requests actually returns the THM flag, and it is located at ticket 83.

<figure><img src="https://3402520177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F6s691pQpzN41rNo5Bip4%2Fuploads%2FZoVdtiydn9blNOUDdCe7%2Fimage.png?alt=media&#x26;token=6dbdb7a5-6969-4cc6-9331-4fd42c3be49f" alt=""><figcaption></figcaption></figure>
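
The server-side fix for what this task shows is an ownership check on every ticket read. The sketch below is an added example, not the room's application code; the ticket store, user names and function names are hypothetical.

```python
# Constructed ticket store: ids, owners and bodies are made up for this example.
TICKETS = {
    77: {"owner": "a.example", "body": "Printer offline"},
    78: {"owner": "m.example", "body": "Password reset request"},
    83: {"owner": "b.example", "body": "Another user's private data"},
}


def get_ticket_vulnerable(session_user, ticket_id):
    """Only checks that someone is logged in, so any id in the URL is readable."""
    if session_user is None:
        return 401, None
    ticket = TICKETS.get(ticket_id)
    if ticket is None:
        return 404, None
    return 200, ticket["body"]


def get_ticket_hardened(session_user, ticket_id):
    """Checks ownership on every read; other users' tickets look like missing ones."""
    if session_user is None:
        return 401, None
    ticket = TICKETS.get(ticket_id)
    if ticket is None or ticket["owner"] != session_user:
        return 404, None  # same answer either way, so ids cannot be mapped
    return 200, ticket["body"]


def readable_ids(handler, session_user, id_range=range(1, 101)):
    """Ids in the range that return 200 for this user (usable as a regression check)."""
    return [i for i in id_range if handler(session_user, i)[0] == 200]


if __name__ == "__main__":
    print("vulnerable:", readable_ids(get_ticket_vulnerable, "m.example"))
    print("hardened:  ", readable_ids(get_ticket_hardened, "m.example"))
```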

**Task 12: Extra Mile Challenge**

First, we access the admin login page and enter random characters in the username and password boxes while Burp is intercepting the HTTP traffic.

<figure><img src="https://3402520177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F6s691pQpzN41rNo5Bip4%2Fuploads%2FSTnUnLdCigF3yCg4A3mF%2Fimage.png?alt=media&#x26;token=a193e403-0552-4f29-a2ae-d7378985a821" alt=""><figcaption></figcaption></figure>

Then we can see in Burp that we intercepted the POST request from the website.

Now we forward this to Intruder.

<figure><img src="https://3402520177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F6s691pQpzN41rNo5Bip4%2Fuploads%2FuGPJiPXKl3LLqzlTIGWp%2Fimage.png?alt=media&#x26;token=5dc71fb6-f95b-49e0-af4f-eb62df19f35a" alt=""><figcaption></figcaption></figure>

We pick the "Pitchfork" attack type, like the previous challenge, then add the section symbol in the username and password parameters.

<figure><img src="https://3402520177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F6s691pQpzN41rNo5Bip4%2Fuploads%2FScHkp5BTr9YLn17uVEHI%2Fimage.png?alt=media&#x26;token=d03b9254-77a1-4aaf-bcaa-7f8e6ecd0429" alt=""><figcaption></figcaption></figure>

For the first payload wordlist, we use username.txt again.

<figure><img src="https://3402520177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F6s691pQpzN41rNo5Bip4%2Fuploads%2Fse2CAAYo6NES9jXb7dlM%2Fimage.png?alt=media&#x26;token=ccce6523-d600-4819-ad7e-220de934bc9b" alt=""><figcaption></figcaption></figure>

Then, for the second payload set, we use password.txt again, from the zip file that we unzipped earlier.

<figure><img src="https://3402520177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F6s691pQpzN41rNo5Bip4%2Fuploads%2FRkUCk9MgGiCQZ8083s1k%2Fimage.png?alt=media&#x26;token=bacfd08f-493a-462d-b5e6-6a0a26444807" alt=""><figcaption></figcaption></figure>

<figure><img src="https://3402520177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F6s691pQpzN41rNo5Bip4%2Fuploads%2FHdlArku9gY4bAsVsnS22%2Fimage.png?alt=media&#x26;token=d9e1f6d9-0998-4b1d-9ec8-8c9e33107a15" alt=""><figcaption></figcaption></figure>

<figure><img src="https://3402520177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F6s691pQpzN41rNo5Bip4%2Fuploads%2F1LqWPWSzgbg5RUxKSGwG%2Fimage.png?alt=media&#x26;token=ce58faea-eb3e-4a0b-89a9-52751788ddff" alt=""><figcaption></figcaption></figure>

<figure><img src="https://3402520177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F6s691pQpzN41rNo5Bip4%2Fuploads%2FJ39BKgGRjKZQbhafpsp3%2Fimage.png?alt=media&#x26;token=2115c3e4-0b58-42ff-a2ce-11f2cc609602" alt=""><figcaption></figcaption></figure>

<figure><img src="https://3402520177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F6s691pQpzN41rNo5Bip4%2Fuploads%2FGa5hDOZVL5CU8ekW4y5S%2Fimage.png?alt=media&#x26;token=f12e91a4-eb50-4e29-981d-a5734c4c97d0" alt=""><figcaption></figcaption></figure>

<figure><img src="https://3402520177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F6s691pQpzN41rNo5Bip4%2Fuploads%2FjMxv2xIPmw6OMp1FyZcb%2Fimage.png?alt=media&#x26;token=da37a57b-83f6-4295-b363-16253d2ae192" alt=""><figcaption></figcaption></figure>

<figure><img src="https://3402520177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F6s691pQpzN41rNo5Bip4%2Fuploads%2FanibITcsZxTXcxV8cOYO%2Fimage.png?alt=media&#x26;token=4ba2a380-6867-491c-bef5-c5e0f5f72717" alt=""><figcaption></figcaption></figure>

<figure><img src="https://3402520177-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F6s691pQpzN41rNo5Bip4%2Fuploads%2FajpuINUBiWtm9qS5LLwA%2Fimage.png?alt=media&#x26;token=f72c45f0-1c9c-4ca9-b88d-07893174dbf3" alt=""><figcaption></figcaption></figure>
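
Seen from the server, a Pitchfork run with a leaked list (Tasks 10 and 12) tries each username only once, so a per-account lockout counter never fires; counting distinct usernames per source does catch it. The detection below is an added example, not part of the original write-up; the log format, addresses and thresholds are assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed auth log lines: ISO time, source IP, username, outcome.
LOG = """\
2024-01-01T10:00:00 198.51.100.7 a.example FAIL
2024-01-01T10:00:01 198.51.100.7 b.example FAIL
2024-01-01T10:00:02 198.51.100.7 c.example FAIL
2024-01-01T10:00:03 198.51.100.7 d.example OK
2024-01-01T10:00:04 198.51.100.7 e.example FAIL
2024-01-01T10:05:00 203.0.113.9 a.example FAIL
2024-01-01T10:05:30 203.0.113.9 a.example FAIL
2024-01-01T10:06:00 203.0.113.9 a.example OK
"""


def parse(log_text):
    for line in log_text.splitlines():
        ts, src, user, outcome = line.split()
        yield datetime.fromisoformat(ts), src, user, outcome


def stuffing_sources(log_text, min_users=4, window=timedelta(minutes=1)):
    """Sources that tried >= min_users distinct usernames inside one window."""
    by_src = defaultdict(list)
    for ts, src, user, _ in parse(log_text):
        by_src[src].append((ts, user))
    flagged = set()
    for src, events in by_src.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            while events[end][0] - events[start][0] > window:
                start += 1  # slide the window forward
            if len({u for _, u in events[start:end + 1]}) >= min_users:
                flagged.add(src)
                break
    return flagged


def failures_per_account(log_text, source):
    """What a per-account lockout counter sees for one source."""
    counts = defaultdict(int)
    for _, src, user, outcome in parse(log_text):
        if src == source and outcome == "FAIL":
            counts[user] += 1
    return dict(counts)
```

In the sample, the second source is a user mistyping one password twice and is not flagged, while the first source never exceeds one failure per account.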
