Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Login to post

Proxy issues when using curl, python, openssl s_client

Connor | Last updated: Feb 12, 2023 10:51AM UTC

Hi there, I'm having issues with Burp 2023.1.1 and 2023.1.2 on both the personal and community editions where the proxy works fine when using the builtin browser or mobile application, however when trying to replay previous requests using any of the tools mentioned in the title, the request never makes it to the proxy. I have reproduced this on Arch linux and on a M1 MBP running Ventura 13.2 openssl s_client 10.0.0.223:8080 CONNECTED(00000003) curl output is: curl --insecure https://www.google.com -x https://127.0.0.1:8080 -v * Trying 127.0.0.1:8080... * Connected to 127.0.0.1 (127.0.0.1) port 8080 (#0) * ALPN: offers http/1.1 * CAfile: /etc/ssl/certs/ca-certificates.crt * CApath: none * [CONN-0-0][CF-SSL-PROXY] TLSv1.0 (OUT), TLS header, Certificate Status (22): * [CONN-0-0][CF-SSL-PROXY] TLSv1.3 (OUT), TLS handshake, Client hello (1): * [CONN-0-0][CF-SSL-PROXY] (5454) (IN), , Unknown (72): * OpenSSL/3.0.8: error:0A00010B:SSL routines::wrong version number * Closing connection 0 curl: (35) OpenSSL/3.0.8: error:0A00010B:SSL routines::wrong version number

Connor | Last updated: Feb 12, 2023 11:04AM UTC

Also tested this on 2022.12.7, and it seems to behave the same way. The same HTTP clients with mitmproxy appear to be working so I'm somewhat confused

Connor | Last updated: Feb 13, 2023 06:46AM UTC

Sigh, for anyone who stumbles unto this, don't hold it against me but this was a user issue :( The burp listener isn't an HTTPS listener but an HTTP one, so specifying HTTPS will cause the client to try and do a TLS handshake with a server that's just expecting normal HTTP. The wrong version number should have been a massive hint at what was happening here but I was tired at the time.

You need to Log in to post a reply. Or register here, for free.