Name is required.
Email address is required.
Invalid email address
Answer is required.
Exceeding max length of 5KB

Connection tracking on low level request

Agazzini Maurizio Oct 21, 2019 03:03PM UTC

Hello,

I would like to have a feature to track all connection requested on the proxy (at low level). Currently via Burp it's not possible to have a list of request executed via BURP but not handled correctly.

For example if burp receive a "CONNECT www.pippo.com:7767 HTTP/1.0" and www.pippo.com response with a reset (example TCP RST) you will not be able to see this connection in burp.

It's possible to have a feature to trace all the connections? In my knowledge it's not possible to do it via an extension.

Maurizio


Mike Eaton Oct 22, 2019 07:47AM UTC Support Center agent

Hi, thank you for your request, could you provide me with some context on your exact requirements? Would you like this to be displayed in the history tab or in a different part of the user interface?


Agazzini Maurizio Oct 22, 2019 03:07PM UTC
In my case using some mobile application who do pinning it is not reported in the "alert" tab.

Enabling this logging you will be able to see all the connection requested by the mobile, doesn't matter what happen after.

Liam Tai-Hogan Oct 23, 2019 01:17PM UTC Support Center agent

Which version of Burp are you using? You should encounter a message in the Event log and the Proxy history if there is an issue connecting.

Have you tried using Wireshark to assess this connection issue?


Agazzini Maurizio Oct 28, 2019 02:13PM UTC
Same problem on 1.7.37 and 2.1.04

You can reproduce this issue by:

- launch on a system nc -l -p 443
- on the browser (with burp as proxy) go to https://ip of the host

If you don't kill netcat you will not see any error/alert on burp.

There is also others case that will generate the same issue (ex. TCP RST after the connect).

Using wireshark you can see all the CONNECT requests and you can find all the host contacted without problem.

Liam Tai-Hogan Oct 31, 2019 10:08AM UTC Support Center agent

Thanks for the additional information Agazzini.

We’ll investigate and get back to you.


Post Your public answer

Your name
Your email address
Answer