Is there a difference between editing HTTP messages manually or with burp for example? (WebGoat HTTP intercept exercise “problem”)

I am diving now into WebGoat, there’s this little exercise in the “general” tab calle d “http proxies” which asks you to use zap/burp to intercept and modify a request, this is what is being us asked.

enter image description here

I understood what is being us asked to do, but I don’t understand why if I change it manually it doesn’t work, whereas if I use the burp button “change request method” does, as it’s the same text at the end, am I missing something?

This is the original request

And here after I modify it with the button

The only difference is that I write that GET string manually and then add the ?changeMe=Requests+are+tampered+easily I don’t understand why it won’t work and it’s driving me nuts.

Oh and another thing, if I enter the x-request-intercepted:true below Cookie sometimes wont work, is it being considered body or what? (there isn’t a break line)

Script to intercept Modbus TCP payload

I am trying to create a Scapy script to modify payload of Modbus TCP packets (function code 3 & 2), but could not succeed. Script is not intercepting traffic and modifying payload.

Is there anyone out there who is successful in intercepting Modbus TCP packets? Is there a sample script available with anyone? I am trying to modify ModbusPDU03ReadHoldingRegistersResponse and ModbusPDU02ReadDiscreteInputsResponse in payload.

How to intercept data my TV communicator sends and receives?

I wish to check how and what is being sent when I interact with my TV via the remote that talks to the communicator box (not smart tv). I am curious what protocols are used, and how often does the communicator phones home. Does it send encrypted data or not. The ISP is also my TV network provider.

To tackle this question I tried to use a recently obtained knowledge of ARP poisoning. I installed a Kali Linux and used arpspoof. I also enabled IP forwarding and launched Wireshark but failed to receive any kind of packets that I could attribute to my communicator box. The TV also continued to operate normally which leads me to 2 theories:

  1. My ARP poisoning failed, that is why TV worked normally and Wireshark failed to show any packets.
  2. ARP poisoning worked, TV continued to work so IP forwarding must have worked too, but why would Wireshark then not capture anything?

Prior to that, I tested ARP poisoning on a 2nd home PC and successful intercepted traffic.

What are my options? Any alternatives to ARP spoofing if I wish to observe traffic my home appliances are sending to the internet? A special kind of router to put between TV communicator and the rest of the home network?

Localhost intercept not working for burp suite

I configured my Firefox proxy to send my php website traffic running on localhost to burp suite for intercept but its not intercepting anything.My firefox and burpsuite configurations here.I’ve tried using different port other than 8080,went to about:config and enable localhost hijacking but still it wont work.Days ago it was working fine but now its not.

Magento 2 Intercept Route

I got a small question. I have custom products/categories in my shop. Now depending on the user, it may or may not visit the specific category or product. Is there an event or other way to ‘hook’ into, or ‘intercept’ a route and execute some logic?

For example: i have customer x and customer y, product x and category x customer y does not have access to category x, i want to redirect the customer to the homepage when the customer visits category-x.

Thanks in advance,

Is it possible to intercept messages from email address or phone number that is expired? if yes, how?

I used to have an email account for receiving important messages but it was deleted by the email provider in which they claimed that deletion of the email address is still in progess but cannot be reversed. I desperately need that email address to receive important messages bascially i wonder if its still possible to intercept messages that were sent to the email address If yes, how? Also does this work on phone number as well? is it possible to intercept SMS that is sent to phone numbers in which {the phone number) is no longer in service?

In other words—if someone send a message to that email address/phone number, is it possible to intercept that message before it reached the email address/phone number? If yes, how?

Intercept Onepage\SaveOrder

I’m trying to add a certain process in the Magento\Checkout\Controller\Onepage\SaveOrder so I decided to implement a plugin for that. But after creating the di.xml and the classes needed when I try to purchase an item and fillout all the shipping details and selected the needed payment method. Upon submission of the order I was expecting for the function to be run. But somehow it’s not being called. Can any help me with this or if anyone has any idea what I did wrong. Below are my codes

content of di.xml

<?xml version="1.0"?> <config xmlns:xsi="" xsi:noNamespaceSchemaLocation="../../../../../lib/internal/Magento/Framework/ObjectManager/etc/config.xsd">    <type name="Magento\Checkout\Controller\Onepage\SaveOrder">         <plugin name="Custom_Module_Plugin" type="Custom\Module\Plugin\SaveOrderPlugin" sortOrder="10" />     </type> </config> 

content of SaveOrderPlugin.php

<?php  namespace Custom\Module\Plugin;  class SaveOrderPlugin {        public function aroundExecute(\Magento\Checkout\Controller\Onepage\SaveOrder $  subject, \Closure $  proceed)     {         // logging to test override             $  logger = \Magento\Framework\App\ObjectManager::getInstance()->get('\Psr\Log\LoggerInterface');         $  logger->debug("********** " . __METHOD__ . ' - ' . __LINE__);          // call the core observed function         $  returnValue = $  proceed();           // logging to test override                 $  logger->debug("********** " . __METHOD__ . ' - ' . __LINE__);          return $  returnValue;     } } ?> 

As you can see I was expecting an output in the console log as shown below but this does not show. Also I tried intercepting other classes like Magento\Quote\Model\QuoteManagement and it worked as expected. But the reason I want to override the Magento\Checkout\Controller\Onepage\SaveOrder is primarily because I want to retrieve a certain parameter when the order of item is submitted.

Anyone have an idea what I did wrong here?

Unable to intercept android app traffic neither in Burp Suite nor in Network Profiler. Can anyone help?

I need to perform MITM attack on an app which doesn’t use HttpURLConnection and OkHttp libraries for network connection.

Analysis : 1. Configured burp on the devices, able to capture request of chrome browser but not the test app. 2. Wireshark is showing, communication of test app is happening on TLS 1.2 only. 3. Tried Network profiler of android studio but nothing shown.

What we should do if network connection is done with ‘CURL’ which I am not very familier with?