Closed adrian-rt closed 6 months ago
adrian-rt
commented
7 months ago The behaviour seems very strange, it seems to work ocasionally.
For example, I got it to work while setting the target host to: www.showmyip.com and I see a new ip, however if I set the target hos to iplocation.net or ifconfig.co it doesn't show a new ip.
DaveYesland
commented
6 months ago This looks to be because www.iplocation.net takes the IP from the X-Forwarded-For header in the request (which is your IP by default in API GW).
To change this you can add a match and replace rule in burp to add in an arbitrary X-Forwarded-For header which will be sent through to the API GW.
In the case of www.iplocation.net this still will not make it respond with the proxied IP because it just take the value from the header but it does answer the question of what is going on there.
DaveYesland
commented
6 months ago Some changes were added that allow you to auto generate a random X-Forwarded-For header: https://github.com/RhinoSecurityLabs/IPRotate_Burp_Extension/pull/63
Hunterdawn82
commented
6 months ago Thank you @DaveYesland for the fix
Hi,
The extension seems to be configured ok, I don't see any errors anywhre, but it's not changing the ip either.
Is this still working? Where should I start debugging if I don't see any new ips? I've not seen any errors in AWS CloudTrail either.
thanks,.