The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum


CONNECT request for plaintext resource fails

Brandon | Last updated: Feb 28, 2017 04:41PM UTC

Hi,

While testing Metasploit modules during module development, I will often try to pass the HTTP requests Metasploit is making through Burp. However, when Metasploit is interacting with a plaintext resource (no SSL), then proxying through Burp doesn't work. Only proxying data through Burp Suite to an SSL-enabled port will allow me to successfully proxy the data.

I have determined that this is caused by Metasploit sending a CONNECT HTTP request (usually designated for SSL-enabled servers) even for port 80 plaintext HTTP servers. This isn't a bad thing, as the HTTP specification says that a CONNECT request MAY be sent before initiating any more plaintext HTTP requests. It isn't necessary that the server use SSL.

I believe this is a bug in Burp Suite. It seems to assume that CONNECT is intended for SSL, but that isn't necessarily the case, per the HTTP specification. Because of this, proxying plaintext HTTP requests through Burp doesn't work, only SSL-enabled HTTP requests.

Let me know if you have any questions or if this doesn't make sense. Thanks!

Burp User | Last updated: Feb 28, 2017 04:49PM UTC

I should rephrase one of my sentences. Because of this, proxying plaintext HTTP requests from Metasploit through Burp doesn't work, only SSL-enabled HTTP requests.
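Added example, not code from the thread, Burp or Metasploit: the client-to-proxy bytes for the case described in the posts above (a CONNECT to a port-80 target followed by plaintext HTTP) next to a CONNECT that carries TLS, with a first-bytes check that tells the two apart. The hostname, payloads and function names are constructed, and the classifier is an assumption about how a proxy could decide, not Burp's own logic.

```python
# Added example: inspect what a client sends to a forward proxy after CONNECT.
HTTP_METHODS = (b"GET", b"POST", b"HEAD", b"PUT", b"DELETE", b"OPTIONS", b"PATCH", b"TRACE")


def parse_connect(stream: bytes):
    """Split a client->proxy byte stream into (host, port, tunneled_bytes)."""
    head, sep, tunneled = stream.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("incomplete CONNECT request head")
    request_line = head.split(b"\r\n", 1)[0].decode("ascii")
    parts = request_line.split(" ")
    if len(parts) != 3 or parts[0] != "CONNECT" or not parts[2].startswith("HTTP/"):
        raise ValueError("not a CONNECT request: %r" % request_line)
    host, colon, port = parts[1].rpartition(":")  # authority-form target: host:port
    if not colon or not port.isdigit():
        raise ValueError("CONNECT target must be host:port")
    return host, int(port), tunneled


def classify_tunnel(first_bytes: bytes) -> str:
    """Guess the protocol inside the tunnel from its first bytes only."""
    if not first_bytes:
        return "unknown"  # nothing sent yet; a proxy has to wait for data
    # TLS record header: content type 0x16 (handshake), version major 0x03.
    if len(first_bytes) >= 3 and first_bytes[0] == 0x16 and first_bytes[1] == 0x03:
        return "tls"
    # Plaintext HTTP starts with a method token followed by a space.
    if first_bytes.split(b" ", 1)[0] in HTTP_METHODS:
        return "plaintext-http"
    return "unknown"


# Constructed sample: CONNECT to a port-80 target, then a plaintext request.
# (Client-side bytes only; the proxy's "200" reply is not part of this stream.)
PLAINTEXT_SAMPLE = (
    b"CONNECT target.example:80 HTTP/1.1\r\nHost: target.example:80\r\n\r\n"
    b"GET /index.html HTTP/1.1\r\nHost: target.example\r\n\r\n"
)
# Constructed sample: CONNECT to port 443, then the start of a TLS handshake record.
TLS_SAMPLE = (
    b"CONNECT target.example:443 HTTP/1.1\r\nHost: target.example:443\r\n\r\n"
    b"\x16\x03\x01\x00\xc8\x01\x00\x00\xc4\x03\x03"
)

if __name__ == "__main__":
    for sample in (PLAINTEXT_SAMPLE, TLS_SAMPLE):
        host, port, tunneled = parse_connect(sample)
        print(host, port, classify_tunnel(tunneled))
```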

PortSwigger Agent | Last updated: Feb 28, 2017 04:54PM UTC