Search the Community
Showing results for tags 'Burp'.
Hello Wonderful People, So I'm hitting a snag with an attack I'm trying to carry out and could really use anyone's help trying to troubleshoot this. I've got the theory down and get half way but can't seem to jump the last hurdle. So here's the jist, I'm trying to MitM devices connecting to my TETRA using Burp Suite to capture any HTTP or HTTPS traffic so that I can observe/modify (you know the drill) the HTTP/S traffic. Thing is, I can capture the traffic and MitM successfully with the TETRA (I am able to see all traffic passing through my attack machine within Wireshark). However, I can't seem to get that traffic into Burp. I'm only interested in sending HTTP/S traffic to Burp, all other traffic can head on out to the Internet. I've tried using iptables rules to preroute the traffic bound for dport 80 or 443 to the Burp Proxy listening on 8080 (and tried individual listeners on 80 and 443 to no avail), but no traffic seems to get to it... well to an extent. If I grab the HTTP header of google.com whilst routing traffic to Burp, I can grab a HTTP header for Burp itself. Here's a diagram because I like making them: Attackers IP (Eth1) is 172.16.42.42 Eth0 IP is 192.168.0.10 (LAN has Internet connectivity via gateway at 192.168.32.1) ETH0 and 1 are wired (I wire into the ETH port of my TETRA). Mobile devices are connecting via WiFi (PineAP). It's simple enough in my head, have all traffic coming in over ETH1 that is destined for 80 ro 443 re-route to the Burp Listener... but it doesn't seem to work correctly. Here's the iptables rules I was creating to try and route the traffic (applied on the attackers machine): iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to 127.0.0.1:8080 iptables -t nat -A PREROUTING -p tcp --dport 443 -j DNAT --to 127.0.0.1:8080 And ip forwarding is enabled on the attackers machine with: sysctl net.ipv4.ip_forward=1 I'm still trying out stuff, next thing is to route HTTP/S traffic from ETH1 to LO (seeing as the listener is on LO 127.0.0.1:8080), but I know from previous posts their are legends on these forums and would appreciate some pokes in the right direction if anyone has any ideas. And yes, I did look around the forums and on the Internet, but I can't seem to find the thing that works. Any thoughts are welcome. Think this might be a cool addition to the forums if we can get it going. Thanks.
I'd like to send all http traffic from Pineapple clients through Burp Proxy. Here is my setup: I have a Kali Linux box is providing internet to the Pineapple via ethernet using the wp5.sh script. At this point Pineapple clients are able to internet access just fine. I start Burp and it's listening on all interfaces on port 8080 in invisible mode. I think I should be able to send all of the Pineapple traffic through Burp using iptables, but I am not sure how to do so. I thought running the following on the Kali box would do it: iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080 But after running that my Pineapple clients have no internet access. Any idea what I'm doing wrong? I have tested Burp Proxy without the Pineapple and it is working, so I think I just need to sort out how to send the Pineapple traffic to Burp.