stackoom
  简体   繁体   中英

How to incercept IP based HTTPS connections using burp proxy?

 原文  2012-03-24 18:15:31       ssl/ https/ proxy/ sniffing

Question

I have setup burp proxy on the default gateway in a transparent mode. Burp suite is displaying self signed certificate to web based HTTPS clients and intercepting the traffic. However, it is not able to intercept the IP based traffic.

Eg It can intercept https://abc.xyz.com but not https://192.168.132.129

Is there any way to intercept such traffic? I am open to solution other than Burp as well.

1 answers

solution1
 0  2012-09-01 13:11:55

In that case I'll suggest the OWASP Zed Attack Proxy :)

Its free, open source, and easy to use (I'm biased;)

You can create your own root CA cert which you can then import into your browser so that HTTPS traffic can be handled correctly.

You can also tell ZAP which IP addresses it should ignore.

Let me know if you have any questions about it.

Simon (ZAP Project Lead)

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to proxy HTTPS traffic with burp suite? HTTPS Connections with Proxy cause SSLHandshakeException Sniffing https/SSL traffic with Burp Suite Proxy in combination with Wireshark nginx proxy based on host when using https How can I test https connections with Django as easily as I can non-https connections using 'runserver'? How does burp-suite intercept https requeest inspite of the encryption? https requests using a proxy Using HTTPS with a dynamic ip HTTPS data over socket using HTTPS proxy Advice on HTTPS connections using Ruby on Rails
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM