Burp Suite Essentials

Configuring widely used browsers to proxy through Burp Suite

In this section, you will see how to configure commonly used browsers to proxy through Burp Suite.

Microsoft Internet Explorer

The following steps configure Microsoft Internet Explorer for use with Burp Suite:

  1. Start Microsoft Internet Explorer.
  2. Click on Tools in the main menu bar.
  3. Click on Internet Options and choose the Connections tab.
  4. Click on LAN settings, as shown in the following screenshot:
  5. Check Use a proxy server for your LAN.
  6. Add localhost as the hostname and 8080 as the port number, as shown in the following screenshot:
  7. The address localhost and the port 8080 are the default values Burp Suite uses once it is started. You will have an opportunity to change this to something else later.
  8. At this point, once you click on OK, you have successfully configured Microsoft Internet Explorer to use Burp Suite as your interception proxy server.
  9. You can verify this by going to http://burp in your newly configured browser. You will see a welcome message on this page. If you don't see such a message, confirm that Burp Suite is running at this point. Take a look at the following screenshot:

Google Chrome

Google Chrome picks up the system's proxy settings. If, for some reason, that doesn't happen, here is how you can quickly configure Burp Suite as the interception proxy in it:

  1. Start Google Chrome.
  2. Click on the icon that looks like three horizontal parallel lines, which is used to customize and control Google Chrome. This is present in the top-right corner of the browser window.
  3. From the menu that opens up, click on Settings.
  4. Another way to reach the Settings page is through the URL chrome://settings/. Type this in the address bar, and you should be able to see the settings.
  5. Type Proxy in the search bar in the top-right corner, and you will get a button to change the proxy setting. Take a look at the following screenshot:
  6. You will notice that this opens the same dialog box as in Microsoft Internet Explorer; follow steps 4 to 9 from the Microsoft Internet Explorer section to configure the proxy settings.

Mozilla Firefox

As with Google Chrome, if you have already set the interception proxy settings in Microsoft Internet Explorer, you are all set. That is convenient, but it is a problem if we don't want to send all of the system's HTTP traffic to Burp Suite. With Mozilla Firefox, we can make sure that the intercepting proxy configuration sends only browser-generated traffic to Burp Suite. This is one reason Firefox is preferred for the testing and security assessment of web applications. The next set of steps configures Mozilla Firefox so that it is ready for use with Burp Suite:

  1. Start Mozilla Firefox.
  2. Click on Tools in the main menu bar and choose Options.
  3. Once the Options window opens, go to Advanced | Network, as shown in the following screenshot:
  4. Add localhost in the HTTP Proxy textbox and 8080 in the Port text box:
  5. Now, all your HTTP traffic from Mozilla Firefox will go through Burp Suite.
  6. By default, when Burp Suite starts, it starts with the intercept mode on. This means if you try to browse at this point, it would seem like nothing is happening. Behind the scenes, Burp Suite is in the interception mode and waiting for your input. At this point, you can either forward the request or switch off the intercept mode.
  7. You can toggle the intercept mode, forward the request, or even drop it:

Fine-grained proxy configuration

Configuring the proxy every time for the entire browser is cumbersome. Additionally, doing so applies the proxy browser-wide. Mozilla Firefox has a rich tradition of extending the core functionality using browser add-ons. We will use one such add-on to get fine-grained control over what traffic should be proxied.

FoxyProxy Standard is a Mozilla Firefox add-on to get fine-grained control over proxy traffic. It automates the processing of settings required to use proxies in Firefox. Using FoxyProxy is quite simple.

If you haven't used an intercepting proxy with any browser before, you might not see why we should use a browser-specific add-on to set up the proxy configuration, but if you plan to use interception proxies regularly in your workflow, the initial time spent will become an invaluable time saver going forward.

There are multiple reasons to use the FoxyProxy Standard add-on. Primarily, it allows us to ensure that we only send selective traffic to Burp Suite. We can configure FoxyProxy in such a way that only the actual target website that we want to test is forwarded to Burp Suite and the rest of the traffic is sent directly.

Setting up FoxyProxy

Follow these steps to set up FoxyProxy:

  1. Go to Tools | Add-ons in the main menu bar.
  2. In the search box present in the top-right corner, type FoxyProxy Standard.
  3. Click on the Install button present on the search results for FoxyProxy Standard.
  4. Restart the browser after the add-on is downloaded and installed.
  5. Once restarted, you will see a small fox icon next to the address bar within a red circle.
  6. Right-click on that icon and choose Options.
  7. Click on the Add New Proxy button present on the right-hand side, as shown in the following screenshot:
  8. This opens a new settings window. There will be three tabs visible. Add the same values for Host and Port here as well.
  9. Now click on the URL Patterns tab and add a new pattern. Use example as the pattern name and *example.com/* as the pattern.
  10. We also need to add a second pattern with the name Burp and the pattern *burp/*. This is a special URL that Burp Suite requires in order to work.
  11. Now, we can click on OK to come back to the main FoxyProxy Standard window. In this window, we need to select the mode Use proxies based on their pre-defined patterns and priorities.
  12. Click on the Close button, and we have successfully configured FoxyProxy Standard for our purposes.

A good professional tip is to give a different color to every proxy that we set up using FoxyProxy. Many times, we may want to run multiple proxies on our machines, and the colors will indicate which proxy the data is being sent to.
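
The URL patterns from steps 9 and 10 decide which requests reach Burp Suite, so it is worth checking what they actually match. The following shell script is an added example, not from the book or from FoxyProxy; it assumes a wildcard pattern is compared against the whole URL with * matching any run of characters (which a shell glob reproduces), and every sample URL in it is constructed.

```shell
#!/bin/sh
# Added example (not from the book or the FoxyProxy project).
# Assumption: a wildcard pattern is tested against the whole URL and "*"
# matches any run of characters, which is how a shell glob behaves.

# matches PATTERN URL: succeed when URL matches the wildcard PATTERN.
matches() {
    case "$2" in
        $1) return 0 ;;   # unquoted on purpose so "*" acts as a wildcard
    esac
    return 1
}

# route URL PATTERN...: print "burp" if any pattern matches, else "direct".
route() {
    _url=$1
    shift
    for _pat in "$@"; do
        if matches "$_pat" "$_url"; then
            echo burp
            return 0
        fi
    done
    echo direct
}

# Constructed sample URLs; only example.com and http://burp are in scope.
SAMPLE_URLS='http://example.com/login
https://www.example.com/account
http://burp/
http://notexample.com/
http://tracker.test/pixel?ref=example.com/
http://mail.test/inbox'

# report PATTERN...: show where each sample URL would be sent.
report() {
    printf '%s\n' "$SAMPLE_URLS" | while IFS= read -r _u; do
        printf '%-45s %s\n' "$_u" "$(route "$_u" "$@")"
    done
}

echo "Patterns from the steps above:"
report '*example.com/*' '*burp/*'

echo "Patterns anchored on scheme and host:"
report 'http://example.com/*' 'https://example.com/*' \
       'http://*.example.com/*' 'https://*.example.com/*' 'http://burp/*'
```

With the loose patterns, notexample.com and a third-party URL that only mentions example.com/ in its query string are both sent to Burp Suite; the anchored set sends both direct. A wildcard still cannot pin .example.com/ to the host part of a URL, so treat the pattern list as a coarse filter.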

Mozilla Plug-n-Hack extension

Mozilla has an interesting configuration extension called Plug-n-Hack that Burp Suite supports out of the box. Even though it seems like a very cool idea and makes it easy for people starting with this kind of setup, the current setup is a little tricky to get going. Perform the following steps:

  1. Download the add-on .xpi file from https://github.com/mozmark/ringleader.
  2. We can trust this link because Mozilla has mentioned it in their blog post, https://blog.mozilla.org/security/2013/08/22/plug-n-hack/.
  3. We can install the .xpi file using the Firefox Add-ons manager:
  4. Once installed, go to the URL http://burp/pnh in a new tab.
  5. Click on Configure your browser and enable the configuration after accepting the warning.
  6. This installs the configuration required to use Burp Suite as an interception proxy, along with some additional configuration related to SSL handling.

Exclusive Firefox profile

It is advisable to create a new profile to add FoxyProxy or the Plug-n-Hack extension rather than working in your primary profile. Mozilla Firefox has a handy profile manager, which can be invoked using a command-line flag, and you can use it to create a security testing profile very easily:

/path/to/firefox-binary -ProfileManager

After issuing this command, the Profile Manager window will appear.
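
A dedicated testing profile can also carry the proxy settings itself, so that the primary profile is never pointed at Burp Suite. The following shell script is an added example, not from the book; the profile directory name is an assumption, the listener is the default localhost:8080 described earlier, and the HTTPS proxy lines go beyond the HTTP-only step in the text.

```shell
#!/bin/sh
# Added example (not from the book). Assumptions: the profile directory
# name, and Burp Suite listening on its default localhost:8080.

# write_burp_profile DIR: create DIR with a user.js that points only this
# Firefox profile at the Burp Suite listener.
write_burp_profile() {
    _dir=$1
    mkdir -p "$_dir" || return 1
    cat > "$_dir/user.js" <<'EOF'
// Manual proxy configuration (1 = manual), re-applied at every start-up.
user_pref("network.proxy.type", 1);
user_pref("network.proxy.http", "localhost");
user_pref("network.proxy.http_port", 8080);
// Same listener for HTTPS requests (beyond the HTTP-only step in the text).
user_pref("network.proxy.ssl", "localhost");
user_pref("network.proxy.ssl_port", 8080);
EOF
}

# proxy_of DIR: print the HTTP proxy as "host:port", read back from user.js.
proxy_of() {
    _host=$(sed -n 's/^user_pref("network\.proxy\.http", "\(.*\)");$/\1/p' "$1/user.js")
    _port=$(sed -n 's/^user_pref("network\.proxy\.http_port", \([0-9]*\));$/\1/p' "$1/user.js")
    printf '%s:%s\n' "$_host" "$_port"
}

PROFILE_DIR=${PROFILE_DIR:-${TMPDIR:-/tmp}/burp-testing-profile}
write_burp_profile "$PROFILE_DIR"
echo "Profile written to $PROFILE_DIR (HTTP proxy $(proxy_of "$PROFILE_DIR"))"
echo "Start it with: /path/to/firefox-binary -no-remote -profile $PROFILE_DIR"
```

Firefox reads user.js each time the profile starts, so a proxy change made in the Options window of this profile is reset to these values on the next launch.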