The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Testing a Citrix XenApp application using Burp

Elliot | Last updated: Jul 13, 2021 03:22PM UTC

I'm attempting to test a Citrix XenApp application by running it on a Windows 10 VM (VirtualBox) guest machine, and proxying the traffic through a Burp Professional proxy on the host only network (the proxy sits on the bare-metal host). If I connect in this manner, the windows hosts starts making a bunch of requests like HEAD / HTTP/1.1 Host: yuhakmeovo User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.72 Safari/537.36 Edg/90.0.818.42 Accept-Encoding: gzip, deflate Connection: close where the host is any arbitrary 10 character domain. When the proxy doesn't respond to these requests, (or responds improperly. This is a bit outside my ken), Citrix determines that the host isn't connected, and stops until I bypass the Burp Proxy. This is, unfortunately, a major problem for intercepting traffic and actually testing the application. Is there a common solution? If I get past this hurdle, I may still stumble on the certificate, (https://forum.portswigger.net/thread/interception-of-citrix-netscaler-traffic-66b481ce. ) but I'm not even out of the gate yet.

Hannah, PortSwigger Agent | Last updated: Jul 14, 2021 03:56PM UTC