Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Connection tracking on low level request

Maurizio | Last updated: Oct 21, 2019 03:03PM UTC

Hello, I would like to have a feature to track all connection requested on the proxy (at low level). Currently via Burp it's not possible to have a list of request executed via BURP but not handled correctly. For example if burp receive a "CONNECT www.pippo.com:7767 HTTP/1.0" and www.pippo.com response with a reset (example TCP RST) you will not be able to see this connection in burp. It's possible to have a feature to trace all the connections? In my knowledge it's not possible to do it via an extension. Maurizio

Mike, PortSwigger Agent | Last updated: Oct 22, 2019 07:42AM UTC

Hi, thank you for your request, could you provide me with some context on your exact requirements? Would you like this to be displayed in the history tab or in a different part of the user interface?

Burp User | Last updated: Oct 22, 2019 03:07PM UTC

In my case using some mobile application who do pinning it is not reported in the "alert" tab. Enabling this logging you will be able to see all the connection requested by the mobile, doesn't matter what happen after.

Liam, PortSwigger Agent | Last updated: Oct 23, 2019 12:12PM UTC

Which version of Burp are you using? You should encounter a message in the Event log and the Proxy history if there is an issue connecting. Have you tried using Wireshark to assess this connection issue?

Burp User | Last updated: Oct 28, 2019 02:13PM UTC

Same problem on 1.7.37 and 2.1.04 You can reproduce this issue by: - launch on a system nc -l -p 443 - on the browser (with burp as proxy) go to https://ip of the host If you don't kill netcat you will not see any error/alert on burp. There is also others case that will generate the same issue (ex. TCP RST after the connect). Using wireshark you can see all the CONNECT requests and you can find all the host contacted without problem.

Liam, PortSwigger Agent | Last updated: Oct 30, 2019 11:46AM UTC

Thanks for the additional information Agazzini. We'll investigate and get back to you.

Mike, PortSwigger Agent | Last updated: Oct 31, 2019 10:08AM UTC

Hi Agazzini We apologize for the late reply. We have just attempted to reproduce the behaviour you have described and unfortunately we encounter an error when attempting to use the netcat command provided. Could you confirm that the following command is correct? @nc -l -p 443@

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.