thats my first post on Burp forum! :)
I'm here for a noble cause I guess: trying to give TSL 1.2 support to the glorious (and mistreated) Windows XP.
It seems infact the only way to do that, is to configure the system proxy, and Burp Proxy seems very good at that... ;)
Unfortunately there is a problem: it all works only when HTTP/S Responses come within seconds.
If the Response delays too much, more than half min or so, the relative client goes into timeout, drops the communication and aborts with error.
That happens usually when Burp gets busy in waiting for the internet site (very slow) or when the Response is indeed a big file to dl.
I have been wandering in your forum, where I guess I understood, the only way to workaround that is by an "extension".
So be clear I will come straight to the point, and explain exactly what is the workaround I want to do, with a real-life example.
When Burp Proxy receives such a HTTPS Request https://download.skype.com:443
GET /msi/SkypeSetup_18.104.22.168.msi HTTP/1.1
User-Agent: NSIS_Inetc (Mozilla)
Then Burp detects the filename and triggers a different behavior: it does NOT open a new connection upstream, but instead it builds a new Response header such as:
HTTP/1.1 200 OK
Last-Modified: Sat, 21 Oct 2017 14:13:44 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Date: Mon, 08 Jan 2018 02:01:34 GMT
And then loads the body binary content from a local file (somewhere on local media) called "SkypeSetup_22.214.171.124.msi", appends it to the header Response, and sends all straight to the client.
Since I have no experience in Burp "extension", and my programming skills are limited, my question is:
- Is there a public Burp "extension", which makes already smtng similar, so I can copy it and modify myself (to make this workaround)?
Thanks for your message.
Burp is probably not the best tool for provide TLS 1.2 support to Windows XP clients. It’s more intended for testing and debugging, and you’re likely to encounter all sorts of problems using it like you are.
Regarding your extension request, I believe this would be possible using the Burp Extender API. However, I’m not aware of an extension that currently does this.
thank you for your answer :)
I'm definitely able to do some Java programming, such as building a custom string as Response header, load an external bin file, and append it as body to the header.
What I'm NOT able to do is, to trigger Burp Proxy to detect the filename pattern in the client Request, and then how to send the new header+body back to the client as Response.
Can someone please send me a backbone of the method needed to catch the incoming string Request, and the method needed to send the custom Response back?
You can hook a proxy message by creating an IProxyListener and registering it. Inside processProxyMessage() you can’t immediately return a response. But you can modify the incoming message and redirect it to a local web service. Your extension can run an local HTTP server and return the responses you want. While not the most elegant solution, this does work.
all perfectly clear, thank you :)
Programming a dedicated HTTP/S server in Java for the sole purpose to feed TSL 1.2 on Xp, was actually my original project.
Then I thought, why I'm wasting my time in doing smtng new, when there is already my buddy Burp doing this much better already..? ;)
The Burp version I'm still using (proudly!) is the 1.4, which didn't have a mature "extensions" support indeed.
But after 7 years, I would have absolutely bet, the newest version of Burp had this feature finally... well, you can never say the things of life isnt it :)