blabla1337 / skf-labs

Repo for all the OWASP-SKF Docker lab examples
Apache License 2.0

How to intercept docker running server with burp suite #127

Closed amrayoub closed 3 years ago

amrayoub commented 3 years ago

Hi, I'm trying to intercept http://0.0.0.0:5000/ with Burp Suite after running the Docker image.

Is that possible?

tsluyter commented 3 years ago

Well yes. That's the point of many of our labs.

  1. You start the Docker container. If you don't specify an IP to listen on, it'll grab 0.0.0.0.
  2. You browse to the app at any IP address of your system.

Ideally we would actually set a listening IP of 127.0.0.1, so -p 127.0.0.1:5000:5000, but we don't in most of our walk-throughs.

But to answer your question: yes, go right ahead!

  1. Start the Docker container as instructed.
  2. Start Burp Suite.
  3. Use either the Burp embedded Chrome browser, or your normal browser (through Burp).
  4. Browse to http://127.0.0.1:5000

There are some caveats. If you browse to "localhost" you may fail to reach the webapp, because localhost can resolve to your IPv6 address. Also, Firefox has a specific setting which blocks localhost traffic from being intercepted/proxied in about:config.
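A small helper script, added here as an example and not part of skf-labs or the thread above, that checks the two points tsluyter raises: whether a lab's published port is bound to 0.0.0.0 (reachable from every interface) rather than 127.0.0.1, and whether "localhost" on the host also resolves to ::1 via /etc/hosts. The `docker ps` port string and the hosts entries are constructed samples, not output from a real system.

```shell
#!/bin/sh
# Added example, not part of the skf-labs repo or the thread above.
# Input for ports_exposed is the PORTS column of `docker ps`, e.g.
#   "0.0.0.0:5000->5000/tcp, :::5000->5000/tcp"

# Returns 0 if any mapping in $1 binds to a wildcard host address
# (0.0.0.0 or ::), 1 if every mapping is bound to a specific/loopback address.
ports_exposed() {
    _ports=$1
    _ifs=$IFS
    IFS=,
    for _m in $_ports; do
        # drop leading spaces and keep only the host side before "->"
        _host=$(printf '%s' "$_m" | sed 's/^ *//; s/->.*//')
        case $_host in
            0.0.0.0:*|:::*|\[::\]:*) IFS=$_ifs; return 0 ;;
        esac
    done
    IFS=$_ifs
    return 1
}

# Prints the loopback-only publish flag for a given container port.
loopback_flag() {
    printf '%s 127.0.0.1:%s:%s\n' "-p" "$1" "$1"
}

# Returns 0 if the hosts-file text in $1 maps "localhost" to ::1, the case
# where typing "localhost" in a browser may not reach a 127.0.0.1-bound lab.
localhost_maps_to_ipv6() {
    printf '%s\n' "$1" | awk '
        $1 == "::1" { for (i = 2; i <= NF; i++) if ($i == "localhost") found = 1 }
        END { exit found ? 0 : 1 }'
}

# Constructed samples (not real system output).
PORTS_SAMPLE='0.0.0.0:5000->5000/tcp, :::5000->5000/tcp'
HOSTS_SAMPLE='127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback'

if ports_exposed "$PORTS_SAMPLE"; then
    echo "lab listens on all interfaces; restart it with: $(loopback_flag 5000)"
fi
if localhost_maps_to_ipv6 "$HOSTS_SAMPLE"; then
    echo "localhost also resolves to ::1; browse to http://127.0.0.1:5000 instead"
fi
```

On a live host you would feed `docker ps --format '{{.Ports}}'` and the contents of /etc/hosts to the two functions instead of the constructed samples.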