Jump to content

Search the Community

Showing results for tags 'Burp'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • Hak5 Gear
    • Hak5 Cloud C²
    • WiFi Pineapple Mark VII
    • USB Rubber Ducky
    • Bash Bunny
    • Key Croc
    • Packet Squirrel
    • Shark Jack
    • Signal Owl
    • LAN Turtle
    • Screen Crab
    • Plunder Bug
  • O.MG (Mischief Gadgets)
    • O.MG Cable
    • O.MG DemonSeed EDU
  • WiFi Pineapple (previous generations)
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • WiFi Pineapple Mark V
    • WiFi Pineapple Mark IV
    • Pineapple Modules
    • WiFi Pineapples Mark I, II, III
  • Hak5 Shows
  • Community
    • Forums and Wiki
    • #Hak5
  • Projects
    • SDR - Software Defined Radio
    • Community Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests


Enter a five letter word.

Found 2 results

  1. Hello Wonderful People, So I'm hitting a snag with an attack I'm trying to carry out and could really use anyone's help trying to troubleshoot this. I've got the theory down and get half way but can't seem to jump the last hurdle. So here's the jist, I'm trying to MitM devices connecting to my TETRA using Burp Suite to capture any HTTP or HTTPS traffic so that I can observe/modify (you know the drill) the HTTP/S traffic. Thing is, I can capture the traffic and MitM successfully with the TETRA (I am able to see all traffic passing through my attack machine within Wireshark). However, I can't seem to get that traffic into Burp. I'm only interested in sending HTTP/S traffic to Burp, all other traffic can head on out to the Internet. I've tried using iptables rules to preroute the traffic bound for dport 80 or 443 to the Burp Proxy listening on 8080 (and tried individual listeners on 80 and 443 to no avail), but no traffic seems to get to it... well to an extent. If I grab the HTTP header of google.com whilst routing traffic to Burp, I can grab a HTTP header for Burp itself. Here's a diagram because I like making them: Attackers IP (Eth1) is 172.16.42.42 Eth0 IP is 192.168.0.10 (LAN has Internet connectivity via gateway at 192.168.32.1) ETH0 and 1 are wired (I wire into the ETH port of my TETRA). Mobile devices are connecting via WiFi (PineAP). It's simple enough in my head, have all traffic coming in over ETH1 that is destined for 80 ro 443 re-route to the Burp Listener... but it doesn't seem to work correctly. Here's the iptables rules I was creating to try and route the traffic (applied on the attackers machine): iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to 127.0.0.1:8080 iptables -t nat -A PREROUTING -p tcp --dport 443 -j DNAT --to 127.0.0.1:8080 And ip forwarding is enabled on the attackers machine with: sysctl net.ipv4.ip_forward=1 I'm still trying out stuff, next thing is to route HTTP/S traffic from ETH1 to LO (seeing as the listener is on LO 127.0.0.1:8080), but I know from previous posts their are legends on these forums and would appreciate some pokes in the right direction if anyone has any ideas. And yes, I did look around the forums and on the Internet, but I can't seem to find the thing that works. Any thoughts are welcome. Think this might be a cool addition to the forums if we can get it going. Thanks.
  2. I'd like to send all http traffic from Pineapple clients through Burp Proxy. Here is my setup: I have a Kali Linux box is providing internet to the Pineapple via ethernet using the wp5.sh script. At this point Pineapple clients are able to internet access just fine. I start Burp and it's listening on all interfaces on port 8080 in invisible mode. I think I should be able to send all of the Pineapple traffic through Burp using iptables, but I am not sure how to do so. I thought running the following on the Kali box would do it: iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080 But after running that my Pineapple clients have no internet access. Any idea what I'm doing wrong? I have tested Burp Proxy without the Pineapple and it is working, so I think I just need to sort out how to send the Pineapple traffic to Burp.
×
×
  • Create New...