Introduction
Assume someone sits between customers’ computers and the edge servers (a man in the middle). He or she could change the original payload and forward the request to hack the server.
This article shows how to reproduce the problem by setting up a proxy test environment.
Well, after all, if a hacker controls the middleware, the hacker has the super power to do almost everything anyway.
General Concept
The original network flow:
Client (PC/Laptop) => Server
The new testing network flow, with a proxy added in between:
Client => Proxy => Server
So every request that matches the proxy rules is intercepted and waits at the proxy level (Burp). The request won’t continue to the target endpoint until you forward it. It is kind of like a DEBUG mode breakpoint in an IDE (like VS Code, PyCharm).
Proxy Tool: Burp Community
Download and install the Burp Community (Free)
https://portswigger.net/burp
Check the proxy server status
The proxy server listens on 127.0.0.1:8080, as you can see in the Event Log under the Dashboard panel.
Turn on/off the Interceptor
You can decide when to turn on the Interceptor on the Proxy => Intercept panel.
Its state changes between Intercept is On and Intercept is Off.
- When Intercept is Off, every request is forwarded.
- When Intercept is On, every request is intercepted.
Stay focused
If you want to intercept only certain links and avoid noise, there are options to limit the requests.
For example, if my target endpoint is POST https://192.168.95.59/hello/world/, we could set the corresponding options below.
- And URL Matches https://192.168.95.59/hello/world/
- And HTTP Method Matches POST
Local PC settings
Configure your browser/computer proxy settings
Firefox steps
Recommended because other browsers like Chrome are not affected.
Set the proxy to the same address as Burp’s proxy server: 127.0.0.1:8080
Or Computer steps
It affects the whole computer and all browsers. Useful for IE testing.
Play the tricks: Intercept and change the payload
The original payload and headers are presented in an editable textarea box.
You can change the request in the textarea to whatever you want.
Then click the Forward button. You have faked the request successfully.
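The same Client => Proxy => Server flow seen from the server's side, as an added example that is not part of the original article: the client signs the request, the proxy step edits the body, and the server recomputes the signature and rejects the edited request. The shared key, the X-Signature header name and the sample body are assumptions made for this sketch, and the check only helps when the key is not available to whoever controls the proxy.

```python
import hashlib
import hmac

# Constructed sample values; the key is a hypothetical secret provisioned out of band.
SHARED_KEY = b"constructed-demo-key"
METHOD = "POST"
PATH = "/hello/world/"  # path of the article's example endpoint
BODY = b'{"item": "book", "qty": 1}'


def sign(key: bytes, method: str, path: str, body: bytes) -> str:
    """Client side: MAC over method, path and body (hypothetical X-Signature header)."""
    msg = method.encode() + b"\n" + path.encode() + b"\n" + body
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def client_request() -> dict:
    """The request as it leaves the client, before it reaches the proxy."""
    return {"method": METHOD, "path": PATH, "body": BODY,
            "headers": {"X-Signature": sign(SHARED_KEY, METHOD, PATH, BODY)}}


def proxy_edit(request: dict, new_body: bytes) -> dict:
    """Models the intercept step: body changed, headers forwarded unchanged."""
    edited = dict(request)
    edited["body"] = new_body
    return edited


def server_accepts(request: dict) -> bool:
    """Server side: recompute the MAC and compare in constant time."""
    expected = sign(SHARED_KEY, request["method"], request["path"], request["body"])
    received = request["headers"].get("X-Signature", "")
    return hmac.compare_digest(expected.encode(), received.encode())


if __name__ == "__main__":
    original = client_request()
    tampered = proxy_edit(original, b'{"item": "book", "qty": 100}')
    print("original accepted:", server_accepts(original))
    print("tampered accepted:", server_accepts(tampered))
```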