I have recently started using Burp as a proxy for hunting bugs on websites and I see many submissions where people have intercepted and modified requests/responses to exploit certain logic flaws in web applications. However, this is possible only because we have installed Burp’s certificate in our browser that allows it to decrypt the traffic to and from the web application. However, in a realistic scenario, the attacker would have to conduct a MITM attack to intercept/modify traffic. This makes me wonder what the point is of traffic interceptions using Burp.
I want to perform an Intruder attack using a request, but the response is not in the same post. I think it can be done by using macros; I have not succeeded yet.
I have set up Burp proxy to intercept requests of an Android app. I am able to intercept app API calls except for live video streams. I am not aware of how the video stream is implemented, but I assume there should be WebSocket or HTTP requests made to stream video.
Please help me with how I can intercept live streaming. My aim is to stream video on a laptop.
I am trying to intercept the traffic of my iPhone's default mail client. I have Burp Suite set up with the certificate installed correctly, because I get traffic from the browser, but I don’t see the traffic from my mail app.
Could someone help me figure out why this is happening?
I’m trying to change the value of a cookie using the Burp option, “Match and Replace”. Here is my configuration: Item: Request header Match: cookieName:.*; Replace: cookieName:myValue; Type: Literal.
Unfortunately, it does not work with this configuration. Do you have any suggestions?
The first point is that it updates with a new release. So if somebody discovers a new payload for popular frameworks, it will be in Burp only with a new release. Can the Burp app load payloads from internet sources?
P.S. Except plugins =)
I created a hotspot on wlp2s0 and connected an Android device, whose IP is 10.42.0.62.
I am trying to route all my packets from my wlp2s0 interface to Burp proxy, which is running on 8080, and I also enabled invisible proxy, but still no luck.
I am routing packets using this firewall rule:
iptables -t nat -A PREROUTING -s 10.42.0.62 -p tcp -j REDIRECT --to-ports 8080
After enabling this rule, Internet access on the device stops working, which means the rule is working, but Burp proxy is not showing any data flow.
Can anybody please point out what I am doing wrong? I have wasted many hours on this.
Update: I was trying Burp Proxy in the PC browser and was playing with proxy settings like SOCKS5 and resolving DNS over SOCKS5, and then Burp proxy stopped working even in the PC browser. So I think when I route packets through Burp, it does not resolve DNS queries, and then my Android device gets stuck at DNS requests and there is no flow of TCP packets; that’s why Burp is not showing anything. So I think the main question is how we can resolve DNS queries through Burp Proxy.
I’ve pentested a lot of websites and a few apps too, but this app eludes them all. On the websites, when there’s a WebSocket upgrade, the Burp proxy recognizes it and starts showing it in the WebSockets tab. Something similar happens on the apps, but not on this one.
This app doesn’t do any such thing.
How this app works:
- Gets its WebSocket endpoints from a config downloaded from a website. Then ‘mysteriously’ it makes a connection to the WebSocket server, which isn’t visible in the Burp proxy.
My setup: 1. Rooted phone with Frida running and the objection framework for SSL unpinning (although not needed here, as I am already able to see all the HTTP(S) traffic from the app).
FYI, I’ve added my Burp cert as a root authority on my Android 7.0 phone.
I’ve also tried ‘invisible proxying’ (not sure how it works); it didn’t work either.
Any ideas would help.
Our Rails application has a feature where an admin can trigger sending a verify email to users that haven’t been verified yet, but not to verified ones.
However, it was pointed out that by intercepting this PUT request and modifying the id to another one, it was possible to send a verify email even to already verified users, thereby confusing them.
How do I make sure that I can find out that the request was tampered with?
I can keep track of the users I sent invites to and how many times, but it still doesn’t solve the problem that anyone can trigger an email to anyone if they know or guess their user id, which again is visible in the user details page in the format
I’m not sure how to solve this problem.
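For the Rails question above, an added example (not part of the original post or the poster's application): rather than trying to detect that the PUT was edited in a proxy, the server re-checks the caller's role and the target's verification state on every request. It is plain Ruby standing in for a controller action; `User`, `VerificationResender` and the one-hour cooldown are hypothetical.

```ruby
# Added illustration: plain Ruby standing in for a Rails controller action.
# User, VerificationResender and the COOLDOWN value are hypothetical.
User = Struct.new(:id, :admin, :verified, :last_verify_sent_at, keyword_init: true)

class VerificationResender
  COOLDOWN = 3600 # seconds between emails to one user (assumed policy)
  Result = Struct.new(:status, :reason)

  def initialize(users, mailer:, clock: -> { Time.now })
    @users = users.to_h { |u| [u.id, u] }
    @mailer = mailer
    @clock = clock
  end

  # actor comes from the server-side session; target_id comes from the
  # request and is treated as untrusted input.
  def call(actor:, target_id:)
    return Result.new(403, :not_admin) unless actor&.admin
    target = @users[Integer(target_id, exception: false)]
    return Result.new(404, :no_such_user) unless target
    # The state check runs on the server, so changing the id in an
    # intercepted request cannot reach an already verified account.
    return Result.new(422, :already_verified) if target.verified
    now = @clock.call
    if target.last_verify_sent_at && now - target.last_verify_sent_at < COOLDOWN
      return Result.new(429, :cooldown)
    end
    target.last_verify_sent_at = now
    @mailer.call(target)
    Result.new(200, :sent)
  end
end

# Constructed sample data: one admin, one unverified user, one verified user.
SENT = []
USERS = [
  User.new(id: 1, admin: true,  verified: true),
  User.new(id: 2, admin: false, verified: false),
  User.new(id: 3, admin: false, verified: true)
]
RESENDER = VerificationResender.new(USERS, mailer: ->(u) { SENT << u.id })
```

In a real controller the same checks would sit in the action or a policy object, with the actor taken from the authenticated session rather than from any request parameter.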