Intercept http2 (grpc) in BURP SUITE PROXY

blaszczakm.blogspot.com 3 lat temu

as root:

iptables -t nat -A OUTPUT -p tcp -m owner ! --uid-owner mitmproxyuser -d 18.159.107.117 -j REDIRECT --to-port 8080

adduser mitmproxyuser


cat /etc/nghttpx/nghttpx.conf (downstream config)


frontend=0.0.0.0,8080;no-tls

backend=127.0.0.1,8081;;proto=http/1.1

backend-keep-alive-timeout=5m

frontend-http2-read-timeout=5m

frontend-read-timeout=5m

frontend-write-timeout=5m

stream-read-timeout=5m

stream-write-timeout=5m

backend-read-timeout=5m

backend-write-timeout=5m

backend-connect-timeout=5m

listener-disable-timeout=5m

backend-http2-window-size=134217720

backend-http2-connection-window-size=1073741760

frontend-http2-window-size=134217720

frontend-http2-connection-window-size=1073741760

http2-proxy=no

private-key-file=/etc/nghttpx/server.key

certificate-file=/etc/nghttpx/server.crt

cacert=/etc/nghttpx/ca.crt

accesslog-syslog=yes

errorlog-syslog=yes

workers=5


cat /etc/nghttpx/upstream.conf (upstream config)

frontend=127.0.0.1,8082;no-tls

backend=vendor-IP,28900;;no-tls;proto=h2

backend-keep-alive-timeout=5m

frontend-http2-read-timeout=5m

frontend-read-timeout=5m

frontend-write-timeout=5m

stream-read-timeout=5m

stream-write-timeout=5m

backend-read-timeout=5m

backend-write-timeout=5m

backend-connect-timeout=5m

listener-disable-timeout=5m

http2-proxy=no

accesslog-syslog=yes

errorlog-syslog=yes

workers=5


run nghttp as root:


┌──(root?kali)-[/etc/nghttpx]

└─# nghttpx

2020-12-18T14:38:21.383+01:00 8777 8777 99aaafb4 NOTICE (shrpx.cc:2882) Loading configuration from /etc/nghttpx/nghttpx.conf


run burp suite proxy 127.0.0.1:8081 (invisible proxy)

USER OPTIONS -> Upstream proxy add 127.0.0.1:8082


as mitmproxyuser:

┌──(mitmproxyuser㉿kali)-[/etc/nghttpx]

└─$ nghttpx --conf upstream.conf

2020-12-18T14:42:00.364+01:00 9293 9293 59e630c7 NOTICE (shrpx.cc:2882) Loading configuration from upstream.conf



as root:

run python code (client http2)











Idź do oryginalnego materiału