Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Login to post

BurpSuite Proxy Listener, Mac OS and Chrome not playing nice together

Zac | Last updated: Feb 22, 2021 01:50PM UTC

I'm trying to play with BurpSuite by attacking a local instance of WebGoat (intentionally-vulnerable web app at https://owasp.org/www-project-webgoat/) and am having some difficulty getting the proxy setup. I am on a MacOS (important) and using Chrome for the browser. WebGoat runs by default on port 8080. So I start it up the way their docs show: docker run -p 8080:8080 -t webgoat/webgoat-8.0 And sure enough, when I open my browser to http://localhost:8080/WebGoat, I get its sign in page. So far so good. In BurpSuite I try setting up a proxy listener. I Add a new Proxy Listener, and set it to Loopback for port 8080. Also, to confirm, I *do* have interception turned on. Then in Chrome I go to **Settings** >> **Open your computer's proxy settings** which opens my network settings. I check the box for HTTP proxy and enter 127.0.0.1:8080. When I refresh the WebGoat app in my browser and attempt to log in, nothing happens. Back in the BurpSuite Dashboard, I don't see any traffic as having been captured. Have I missed anything in my setup?

Uthman, PortSwigger Agent | Last updated: Feb 22, 2021 03:24PM UTC

Hi Zac, You will need to install the CA certificate too. Once you have the proxy listener enabled and your browser configured to work with Burp, navigate to http://burpsuite. You will then need to download and install the CA certificate. - https://portswigger.net/burp/documentation/desktop/getting-started/proxy-setup/browser/chrome Have you considered using the embedded browser? That runs on Chromium.

Juan | Last updated: Sep 04, 2023 07:09PM UTC

Hola, yo intenté los mismos pasos que el pero el certificado me aparecía como "vencido" cabe aclarar que también estoy en macOS e igualmente presento el mismo problema, usando chromium me da el problema que no me deja iniciar sesión me dice que es inseguro, entonces estoy confundido, ¿que debería hacer? Ya desintalé,actualicé burpsuite sin embargo sigue dandome el CA caducado.

Hannah, PortSwigger Agent | Last updated: Sep 05, 2023 09:13AM UTC

Hi Can you try going to "Proxy > Proxy settings > Proxy listeners > Regenerate CA certificate", restart Burp and install the new certificate in your browser? Are you able to provide a screenshot of the error you are receiving with Burp's built-in browser? You can drop us an email at support@portswigger.net if you need to.

You need to Log in to post a reply. Or register here, for free.