Burp Suite User Forum

Create new post

Can we Test ThickClient build using C++ running on TCP Protocol

Arun | Last updated: Mar 09, 2015 04:56AM UTC

Hi, We are pen-testing Thick-client application developed in C++ running on TCP protocol using Winsock controls. I have tried changing the following >> Under proxy tab modified Options as ------------------------------------------------------------------------------------------------------------------------ Running | Interfaces | Invisibles | Redirect | Certificate ------------------------------------------------------------------------------------------------------------------------ Checked || Checked || Per host >> enabled to support invisible proxy Was unable to capture any traffic, can you suggest what I am doing wrong.

PortSwigger Agent | Last updated: Mar 09, 2015 11:57AM UTC

Does this client application use HTTP/S for its communications with the server? If so, and it doesn't honor the configured proxy settings, then you might be able to capture the traffic using invisible proxying and using the steps described in detail here: http://portswigger.net/burp/help/proxy_options_invisible.html If the client application is using something other than HTTP/S, then Burp can't intercept its traffic.

Burp User | Last updated: Mar 12, 2015 04:30AM UTC

The AUT only communicates using TCP/IP with the databases servers. So I guess burpsuit doesn't intercept the traffic on transport layer. Any suggestion on another tools which could be used for the same.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.