BurpSuite is a manual toolkit for investigating web security. Burp Proxy allows manual testers to intercept all requests and responses between the browser and the target application, even when HTTPS is being used. The tutorial discusses configuration of Burp to use connection over Tor network.
1. BurpSuite Community Edition
We can find BurpSuite Community Edition within Kali Linux. Download the latest Kali Linux VirtualBox appliance and import ova file into VirtualBox (Ctrl-I).
2. Install Tor on Kali Linux
Log to Kali LInux with the default credentials - root/toor and install Tor.
# apt install tor
Enable and start Tor service and check if the service is listening on port 9050.
# systemctl enable tor
# systemctl start tor
# netstat -tulpn | grep tor
Picture 1 - Checking Port Open by Tor Service
3. Burp Configuration For Tor Proxy
3.1 Configure Burp To Use Tor as Socks Proxy
Open Burp and navigate to User Option-> Connection-> SOCKS Proxy and click Check button - Use SoCKS proxy. Insert the Tor socket settings (Picture 2).
Picture 2 - Burp Configuration for Tor Proxy
3.2 Configure Burp as Listener
Navigate to Proxy-> Option-> Proxy listeners. Configure the IP address and port Burp is listening on. Check the box Running (Picture 3).
Picture 3 - Configuration of IP and Port Burp is Listening On
3.3 Configure Burp to Intercept Client Requests and Server Responses
Navigate to Proxy-> Option. Click the both check boxes next to the options - Intercept requests based on the following rules and Intercept responses based on the following rules.
Picture 4 - Burp Configuration to Intercept Client Requests and Server Responses
Once you finish, intercept traffic by selecting Proxy-> Intercept. Cick 'Intercept is on' button (Picture 5).
Picture 5 - Enable Traffic Interception on Burp
4. Import Burp CA Certificate to Firefox and Configure Firefox to Use Burp as Proxy
4.1 Download Burp CA Certificate
Open Firefox web browser and navigate to http://burp/. Click on CA Certificate in the upper right corner of the web page. Download der encoded certificate cacert.der and import it unto Firefox.
4.2 Import Burp CA Certificate to Firefox
Open Firerox-> Preferences. Type cer in 'Find in Preferences' box and click View Certificates. Navigate to Authorities-> Import. The new certificate PortSwigger CA has been Installed (Picture 6).
Picture 6 - CA Certificate Installation into Firefox
4.3 Firefox Configuration to Use Burp as Proxy
Open Firefox-> Preferences-> Network settings and configure proxy setting to send traffic to Burp. It is listening on socket 127.0.0.1:8080 (Picture 7).
Picture 7 - Firefox Configuration for Burp as Proxy
Now, you visit myip.com and check that your IP is the address of Tor exit node (it's different than your public IP assigned from ISP).