Enter burp proxy suite. I know, I know, it is proprietary, closed source, cpu and memory hogging java application. But hey, if the alternative for the colleague to stay in Windows, anything counts.
As good as the program is, it remains to be proxy application. This posed a problem because the developer had to intercept http requests from a stand-alone application.
While intercepting network-originating requests is not trivial, on Linux there is simple way to redirect local traffic to the burp proxy. The trick is to run the program in "invisible proxy" mode using "root" account and redirect all traffic coming from certain user to port 80 through the proxy. This solves the catch22 problem of "intercepting all outgoing requests".
Here are the commands that accomplish that:
sudo iptables -t nat -I OUTPUT -p tcp --dport 80 -m owner \An nice advantage of the burp proxy over fiddler is that developer can choose to modify the request on-the-fly. Now I have something to brag about to all fiddler-wielding windows losers :) .
--uid-owner evgeny -j REDIRECT --to-port 8080
sudo java -jar burpsuite_v1.3.03.jar
sudo iptables -t nat -D OUTPUT -p tcp --dport 80 -m owner \
--uid-owner evgeny -j REDIRECT --to-port 8080
2 comments:
and how to reset it back to normal mode where it is not being routed to 8080
The second iptables command in the post deletes the redirection rule. If you put all three commands in the same script and exit burp gratefully, the deletion will happen automatically.
You can also use this wrapper script to set up redirection, run burp and clean up afterwards: run_burp.sh
Post a Comment