Introducing SOS_Proxy

In this post I will introduce a simple but effective tool that I developed in order to automate the invisible proxy technique and manage to intercept the HTTP traffic of any non proxy-aware device.

Invisible Proxy Technique in bites

Is it possible to proxy a device that does not support this functionality? Sometimes, under particular circumstances, YES. You can do that with Burp Suite and the invisible proxying technique explained in Portswigger’s article. Following a brief summary of the steps that must be implemented in order to correctly intercept the HTTP traffic.

  1. Create a separate virtual network interface for each destination host.
  2. Create a separate Proxy listener for each interface (or two listeners if HTTP and HTTPS are both in use).
  3. Using your hosts file, redirect each destination hostname to a different network interface (i.e., to a different listener).
  4. Configure Burp’s listener on each interface to redirect all traffic to the IP address of the host whose traffic was redirected to it.

SOS_Proxy

In order to automate the setup of multiple invisible proxies with Burp I’ve developed a simple Python script called SOS_Proxy. The main features of this tool and a simple step-by-step demo can be found insite the following presentation. Otherwise, if you just want to check the source code, you can find it on github!


Morover, the following video will show a real use case against an Android device.

ESC Talk Record (in Italian)

Last summer i attended the End Summer Camp (ESC) security conference in Venice (Italy) as a speaker in order to present this simple but useful tool. Below you can find the video recording of that talk.