Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

[bug] Burp in transparent proxy mode forwards request to wrong port when host in Host header is different from host in request

Nikita | Last updated: Aug 23, 2020 08:53AM UTC

# Environment ## Configure system that will make request though Burp in transparent proxy mode. I've used Ubuntu 20.04 on VirtualBox with bridged adapter configured. Change default gateway of this system to system with Burp running (`ip route delete default; ip route add default via IP_OF_SYSTEM_WITH_BURP` on Ubuntu 20.04). ## Configure system with Burp running. 1. Enable transparent proxying in Burp. 2. Redirect inbound traffic to 127.0.0.1:8080 (instructions for popular OS can be found at https://docs.mitmproxy.org/stable/howto-transparent/) ## Steps to reproduce (actual result) ``` $ curl http://example.com:443 ... $ curl -H "Host: example.com:80" http://example.com:443 ... ``` Now look at Burp's Proxy tab. You'll see that 1st request _connected_ to `example.com:443` as it should however 2nd request _connected_ to `example.com:80` even though we've instructed it to connect to `example.com:443`. # Expected result It's expected that `curl -H "Host: example.com:80" http://example.com:443` will connect to port `443`, not `80` (meaning that it won't use port from Host header for making TCP connection).

Michelle, PortSwigger Agent | Last updated: Aug 24, 2020 01:50PM UTC