Burp Suite User Forum

Login to post

readhandshakerecord when trying to capture server side events?

michael | Last updated: Oct 16, 2020 03:28PM UTC

When I try to open the login page the browser connects to sseLogin.php. In Burp this request never gets a response in the HTTP proxy history (as if it would wait for eternity). I get a readhandshakerecord error in my event log: client failed to negotiate a TLS connection to yyy.xxx.com:443 remote terminated handshake I tried to use ZAP as an upstream server, from that I got some responses with empty bodies with this header: Content-Type: text/event-stream;charset=UTF-8 I guess it has something to do with: "Server Sent Events (SSE) (Also known as EventSource) are a great way to send data instantly to the browser, it opens a stream between the browser and the server." Is there a way to let it work? I tried different Burp settings like SNI, toggling some protocols. When I remove Burp as a proxy (plain client-server connection) it behaves normally. If Burp acts like proxy the app stops and does not display the login form. I also noticed that when browsing to the URL directly - without proxy - the browser downloads the file sseLogin.php continuously (never ending download) with 1,9 kb/s.

Liam, PortSwigger Agent | Last updated: Oct 19, 2020 12:12PM UTC

Thanks for your message, Michael. Is the application publicly accessible?

michael | Last updated: Oct 19, 2020 02:13PM UTC

Hi Liam, no it is not publicly accessible. I think the continuous stream somehow gets stuck in Burp so the app does not get some critical info to display the login page. I think I am not able to capture that specific connection/stream in Burp when disabling proxy capturing until the login appears. The streams sends some data like 'date', event name like 'login', function like 'getconnection' (I guess this might be app specific).

Liam, PortSwigger Agent | Last updated: Oct 20, 2020 04:01PM UTC

It might be that Burp doesn't support SSE. I'll check this with our development team and get back to you ASAP.

Liam, PortSwigger Agent | Last updated: Oct 22, 2020 08:29AM UTC

I can confirm that Burp Suite doesn't handle SSE. Please let us know if you need any further assistance.

You need to Log in to post a reply. Or register here, for free.