Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

How to intercept Burpsuite request when site is going to port 8443 or other uncommon web port

alvinoo | Last updated: Nov 30, 2020 09:12AM UTC

Hi there, Is it possible to do burp intercept on application where to application goes through port 8443 instead of 443. For some reason I am unable to intercept the proxy.

Uthman, PortSwigger Agent | Last updated: Nov 30, 2020 11:43AM UTC

Are you trying to change the proxy listener port? Or is the application accessible on a URL like http://localhost:8443/test and you are trying to connect to that? If the latter, it works fine for me. Which version of Burp are you using and do you see any errors in the event log? Do you have any port forwarding enabled or is another application using that port?

alvinoo | Last updated: Nov 30, 2020 01:52PM UTC

hi there, I forgot to clarify it is for Android mobile application. this is the tricky part. I have visited nviso blog and tried almost all solution I could, bypass SSL pinning, route traffic from port 8443 (app) to 8080(burpsuite) using IP tables, installed the certificate and move to the root folder on Android nougat, using drony, but nothing works..

Uthman, PortSwigger Agent | Last updated: Nov 30, 2020 02:38PM UTC

Is any traffic at all being picked up by Burp? Are you using a rooted Android device? What happens if you navigate through the app with Burp configured? Have you taken a look at the resources below? - https://portswigger.net/support/configuring-an-android-device-to-work-with-burp - https://portswigger.net/support/installing-burp-suites-ca-certificate-in-an-android-device - https://www.ibrahim-jaber.com/configuring-burp-suite-with-android-nougat/ - https://blog.ropnop.com/configuring-burp-suite-with-android-nougat/

alvinoo | Last updated: Nov 30, 2020 10:53PM UTC

yes, I definitely have place the certificate correctly in the system folder, it is picking up traffic from auxillary application like googleapi and Gmail etc. the device is rooted. this is the first time I faced this issue, have done 20 over mobile application testing

alvinoo | Last updated: Nov 30, 2020 10:56PM UTC

when I navigate the app and intercept, traffic still flow through successfully.

Uthman, PortSwigger Agent | Last updated: Dec 01, 2020 11:25AM UTC

Can you try disabling TLSv1.3 on your Proxy Listener? (Edit the Proxy Listener > TLS Protocols > Use custom protocols > Disable TLSv1.3) If that also fails, what errors are you seeing in the Event log? Does the issue occur with all applications/sites? Or only the one you are testing?

alvinoo | Last updated: Dec 02, 2020 05:39AM UTC

the site is not using TLSv1.3

alvinoo | Last updated: Dec 02, 2020 09:43AM UTC

By the way, how do I prevent intercept of my gmail and google and other applications? Just let it focus on the application it self only

Uthman, PortSwigger Agent | Last updated: Dec 02, 2020 01:12PM UTC

You can set some rules up under Proxy > Options > Intercept Client Requests. I would suggest setting up your Target > Scope first too (to filter out any unwanted traffic). Can you please send us an email with screenshots of any errors that show up when you attempt to intercept the app using port 8443? You can reach us at support@portswigger.net.

alvinoo | Last updated: Dec 02, 2020 11:50PM UTC

there is no error unfortunately, the application just ignore the intercept but I can capture the adb log and sent to you.

alvinoo | Last updated: Dec 02, 2020 11:50PM UTC

there is no error unfortunately, the application just ignore the intercept but I can capture the adb log and sent to you.

Uthman, PortSwigger Agent | Last updated: Dec 03, 2020 11:02AM UTC

Sure, thanks. Do you see any of the application traffic in the HTTP history? Is this the only application presenting the issue? Or are all applications on your Android device affected?

David | Last updated: Jan 07, 2023 05:32AM UTC

I have this same problem with latest Burp too. When android app use custom port like https://abc.com:4567, Burp can't not capture this request in HTTP History. But Charles can capture it fine.

Ben, PortSwigger Agent | Last updated: Jan 09, 2023 11:48AM UTC

Hi David, Is the Android app that you are testing proxy unaware as well as using non-standard ports?

David | Last updated: Jan 10, 2023 05:26AM UTC

No, it's using normal https protocol with custom port in address. For example: https://abc.com:4567

Ben, PortSwigger Agent | Last updated: Jan 11, 2023 08:32AM UTC

Hi David, Just to clarify, what behaviour do you observe when you come to proxy this particular app? Does the app continue to function but you simply see no corresponding traffic within Burp? Or does the app stop functioning as expected when you attempt to proxy its traffic (and you possibly see errors in Burp)? You mention you can use Charles to capture the traffic from the app - is there any particular setup that you use to do this or does it capture the traffic using the default configuration?

David | Last updated: Jan 12, 2023 01:07AM UTC

Hi Ben, The app continue to function normally but Burp show no traffic. I use default configuration of Charles, no particular setup.

Ben, PortSwigger Agent | Last updated: Jan 16, 2023 08:03AM UTC

Hi David, If the traffic from the app is not adhering to the system proxy then you should be able to use something like ProxyDroid to force all outbound traffic out through your proxy.

David | Last updated: Jan 17, 2023 12:57AM UTC

Hi Ben, I'm already try ProxyDroid but it's same issue. Also it's not proxy issue, because Charles can capture it fine. Problem is in Burp itself. You can easy replicate issue with custom port in address

Ben, PortSwigger Agent | Last updated: Jan 18, 2023 08:13AM UTC