How to configure burp suite to Intercept Network Traffic?

When dealing with an unfamiliar web application, traffic inspection should always be one of the first moves. Although a web application can display several elements to the end-user via the browser interface, most applications make multiple requests between the client and server during the development of those elements before they enter their final presentation state.

BurpSuite can be started in Kali using either the Dock button or the Application menu. When we start BurpSuite, we will get a popup message saying that BurpSuite has not been checked with Java 11.0.9 yet (Figure 1).

Figure 1: BurpSuite Java version warning

BurpSuite does not currently support short-term support versions of Java, which is why this alert appears. We can easily disregard this alert because the Kali team always checks BurpSuite on the Java version that comes with the OS.

The next window gives the user the option of starting a new project or restoring one that has already been saved. BurpSuite’s technical function of being able to use project files is not available for this course. As a result, we will choose Temporary project and proceed.

Figure 2: BurpSuite temporary project

Before the proxy is completely started, we are given the option of loading a custom configuration or accepting the defaults at the final prompt. Each researcher has their own favorite workflow and settings, which we can customize and streamline with BurpSuite. For the time being, we will use the BurpSuite default profile.

Figure 3: BurpSuite configuration settings

After starting BurpSuite, we can verify that our proxy service is up and running by going to the Dashboard and looking for a message that looks like this:

Figure 4: BurpSuite proxy running.

The last move is to configure our browser to use the proxy server. This can be achieved in Firefox by going to about:preferences#advanced, clicking Network, and then Settings.

Here, we must choose Manual and enter the proxy’s IP address as well as the port on which it is listening. Since the proxy and the browser are both hosted on the same machine, we will use the loopback GUI. Bear in mind that if you are going to use the proxy to intercept traffic from different devices, you will need to use the correct IP address. Finally, we want to ensure that we can intercept all requests while testing the target application by checking the Use this proxy server for all protocols choice.

Figure 5: Firefox network settings

After setting up the network settings go to the browser and type http://burp and download The CA certificate and save it to downloads.

Figure 6: CA certificate download

Upload the CA certificate in the browser by going to the preferences of the browser then search for certificates > click on View certificates.

Figure 7: CA certificate upload 1.

Click on Import and upload the CA certificate to the browser.

Figure 8: CA certificate upload 2

Once the certificate is uploaded you will be able to capture requests of HTTP and HTTPS both.
In order to capture the request go to Proxy > intercept and click on intercept is off to turn the intercept on and start capturing request by loading the web application. Here we will be capturing request of example.com.

Figure 9: Intercept capturing request.

The HTTP history tab is self-explanatory: it allows us to view the entire session history, which contains all requests and responses captured by the proxy.

Figure 10: BurpSuite history tab