Burp Suite User Forum

Create new post

Java Socks Override on OSX

Jonathan | Last updated: Jun 04, 2015 02:02AM UTC

Hi there, This is more a heads up rather than a question. I use a socks proxy via SSH/corkscrew when I am onsite at clients' sites to get unobstructed internet. To do this I set the OSX OS proxy settings to my socks server However, it seems as though Java picks this up automatically when Burp is run and these settings override the socks setting within Burp (this is also with no setting in the Java console as well!). That is, despite having no socks setting set in Burp, the HTTP requests are still being sent via the socks proxy. However, if you add these settings in the cmd line it turns this behaviour off and respects (aye) the settings within Burp (at least it does for OSX): -DsocksProxyPort -DsocksProxyHost. So the command looks like: java -DsocksProxyPort -DsocksProxyHost -classpath /xxx/xxx/xxx/burp.jar -mx512m -XX:MaxPermSize=2G burp.StartBurp Cheers Jonathan

PortSwigger Agent | Last updated: Jun 04, 2015 02:39PM UTC

Thanks for this. When Burp is configured not to use a SOCKS proxy, it simply asks the platform to open direct TCP sockets to the relevant destination IP addresses. It sounds like (in your set-up at least) if you have configured a SOCKS proxy at the OS level, then Burp's request for a direct TCP connection actually causes the OS to use the configured proxy. This is presumably desired behavior, since the OS setting is intended to proxify the traffic from general applications that are not proxy-aware. Thanks for the tip on using the Java command line to override the OS-level SOCKS proxy configuration, which causes Burp's attempted direct TCP connections to be made directly.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.