summitt / nope-proxy Goto Github PK

Due to the new Burp Suite Layout and the Message Inspector (https://portswigger.net/burp/documentation/desktop/functions/message-editor/inspector) on the left side, the hex view is not working in the latest version.

I run Burp on:

# cat /etc/issue
Kali GNU/Linux 2.0 \n \l

# uname -a
Linux burpbox 4.0.0-kali1-686-pae #1 SMP Debian 4.0.4-1+kali2 (2015-06-03) i686 GNU/Linux

# java -version
java version "1.7.0_79"
OpenJDK Runtime Environment (IcedTea 2.5.6) (7u79-2.5.6-1~deb8u1)
OpenJDK Server VM (build 24.79-b02, mixed mode)

And get this when loading extension:

java.lang.UnsupportedClassVersionError: burp/BurpExtender : Unsupported major.minor version 52.0
    at java.lang.ClassLoader.defineClass1(Native Method)
    at java.lang.ClassLoader.defineClass(ClassLoader.java:800)
    at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:142)
    at java.net.URLClassLoader.defineClass(URLClassLoader.java:449)
    at java.net.URLClassLoader.access$100(URLClassLoader.java:71)
    at java.net.URLClassLoader$1.run(URLClassLoader.java:361)
    at java.net.URLClassLoader$1.run(URLClassLoader.java:355)
    at java.security.AccessController.doPrivileged(Native Method)
    at java.net.URLClassLoader.findClass(URLClassLoader.java:354)
    at java.lang.ClassLoader.loadClass(ClassLoader.java:425)
    at java.lang.ClassLoader.loadClass(ClassLoader.java:358)
    at java.lang.Class.forName0(Native Method)
    at java.lang.Class.forName(Class.java:274)
    at burp.mdh.a(Unknown Source)
    at burp.mdh.<init>(Unknown Source)
    at burp.w6f.a(Unknown Source)
    at burp.n1d.run(Unknown Source)
    at java.lang.Thread.run(Thread.java:745)

What versions of java are supported?

In the case of a client authentication with the server and vice versa you would need to add in 2 certificates. Nope supports only 1 certificate.

If I understand it right, the "Use the above 'DNS Response IP' ..." checkbox makes all DNS responses return the IP address listed in the "DNS Response Ip" field, except for those for which there is a record in the "Custom Hosts file".

Is there instead a way of making NoPE return real DNS entries except for those domains listed in the hosts file?

So if my hosts file contains

15.15.15.15  a.a.a.a
16.16.16.16  b.b.b.b

I'd like NoPE to return 15.15.15.15 for a.a.a.a (and similarly for b.b.b.b), but for all other domains, I'd like it to return the actual IP by calling an actual resolver.

How do I run this extension in burp ? I tried adding on adding burpextender.java in burp extender tab but I get following error:

java.lang.ClassNotFoundException: burp.BurpExtender
at java.net.URLClassLoader$1.run(URLClassLoader.java:366)
at java.net.URLClassLoader$1.run(URLClassLoader.java:355)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:354)
at java.lang.ClassLoader.loadClass(ClassLoader.java:425)
at java.lang.ClassLoader.loadClass(ClassLoader.java:358)
at java.lang.Class.forName0(Native Method)
at java.lang.Class.forName(Class.java:274)
at burp.poe.a(Unknown Source)
at burp.poe.(Unknown Source)
at burp.prg.a(Unknown Source)
at burp.hdc.run(Unknown Source)
at java.lang.Thread.run(Thread.java:745)

java.lang.ClassCastException: java.lang.String cannot be cast to java.lang.Integer
at josh.ui.NonHttpUI$11.tableChanged(NonHttpUI.java:606)
at javax.swing.table.AbstractTableModel.fireTableChanged(AbstractTableModel.java:296)
at javax.swing.table.AbstractTableModel.fireTableCellUpdated(AbstractTableModel.java:275)
at javax.swing.table.DefaultTableModel.setValueAt(DefaultTableModel.java:666)
at javax.swing.JTable.setValueAt(JTable.java:2741)
at javax.swing.JTable.editingStopped(JTable.java:4723)
at javax.swing.AbstractCellEditor.fireEditingStopped(AbstractCellEditor.java:141)
at javax.swing.DefaultCellEditor$EditorDelegate.stopCellEditing(DefaultCellEditor.java:368)
at javax.swing.DefaultCellEditor.stopCellEditing(Def

I want to do performance and security testing for my mobile App (Chat) which supports xmpp server and client, what are the recommended tools or scripts,strategies to do it.

Please suggest on this!!

Hello,

I am running Burp Suite as root on OSX Catalina. After starting the server on port 53, I could not get any data in the DNS history. After checking the currently used ports, I saw that there is not any app listening on this port. I tried changing the port to something else (like 5353) but still no app listening. I tried to run the Burp's proxy on this port, and it could listen on this port without problem, so I am pretty sure Burp does have every privileges needed.

I am pretty new to using Burp suite, but I can add more information if you tell me what you need.

Thanks.

hi sir
i configured dns and get dns history but port monitor isnt working
and interception isnt working

right now the python output, compile issues, and debug messages are not showing up in the right scroll bar beside the python mangler. currently troubleshooting to find root cause.

java.lang.NullPointerException
at josh.utils.Lister$1.gotPacket(Lister.java:70)
at org.pcap4j.core.PcapHandle$GotPacketFuncExecutor.lambda$got_packet$0(PcapHandle.java:1254)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1130)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:630)
at java.base/java.lang.Thread.run(Thread.java:832)

The above is the stack trace I dont know what to do is there like a specific pcap version or configuration i need to have?

Am running windows 10

Currently some requests show modified by python when in fact they have not been. This only happens in the mangle function. It does not affect traffic flow. Just a visual annoyance.

Hello,
From what I understand (tried to follow this https://github.com/summitt/Burp-Non-HTTP-Extension/wiki#basic-set-up-for-local-client-testing-on-a-single-machine) the extension should respond a DNS response from the Google DNS server (unless it is in the custom hosts file or unless the "use the above 'DNS...'" is checked.) but from what I seen it doesn't respond anything.

I am running burp on Windows.

Thanks!

Hello,

the code is not compiling successful on maven / kali OS by default.
I think the pom.xml is missing json simple and jython depedency.

Also if you want to add the extension to Burp, it needs to be in jar format right ? the Burpextender class has no void public main function. What am I missing here to compile it ?

Thanks

Hi,
I'm sorry for my english.
Through the DNS interceptor I can see a request for the domain X but when I look through the proxy I can't find it.
Also when I use burp without Nope proxy the app works but when I enable Nope it doesn't.
I really appreciate any kind of help.

P.S. I use frida to bypass the ssl pinning.

RESOLVED - On MAC OSX macOS 10.15.7 (19H2) Darwin 19.6.0 when using BIND 9.16.7 (Stable Release) on Port 53; the NOPE Application will freeze during install when BIND is already listing on Port 53.

FIX : kill -9 bind before install of NOPE

Suggestion would be to allow for soft install/load of NOPE and then pop a config note to use alternate port...

Looks awesome btw!!

Add a 'Donate' Button 👍

First off, this is an amazing extension. One feature that would be useful is if it supported the SOCKS Proxy option in Burp. I currently have a SOCKS Proxy set up, but monitoring my traffic shows that the NoPE Proxy is sending traffic directly from my host to the server without using the SOCKS Proxy.

Thanks again for this.

Hi,
Thanks for the great tool first of all..
The port monitoring feature does not work, can you support it?

10x

Hi
Thanks for making this extraordinary extension available.
Would please add a support for ruby mangler and traffic manipulation?

Thank!

The current version of NoPE (commit d9c7d51 ) does not appear to support oracle JDK / JRE 9 (tested 9.0.4). The extension loads in burp 1.7.32 but the NoPE tab does not display in the UI and no errors are displayed.

After lots of trial and error / troubleshooting I isolated the issue to the use of Java 9 (9.0.4). The issue does not occur when the current Java 8 (8u162) JRE is used

Flagged as in issue to hopefully save others the time that I sunk into this today :)

Sometimes when you enable a listener it disables the one above or below it.

I am not an expert with software development so I did some research on the Internet and identified that this requires Maven to build the package. however, when using Maven to compile the package, i am getting the following errors:

ailed to execute goal org.apache.maven.plugins:maven-compiler-plugin:3.3:compile (default-compile) on project NonHTTPProxy: Compilation failure [ERROR] /home/rameez/Downloads/Burp-Non-HTTP-Extension-master/NonHTTPProxy/src/josh/utils/Lister.java:[64,46] <anonymous josh.utils.Lister$1> is not abstract and does not override abstract method gotPacket(org.pcap4j.core.PcapPacket) in org.pcap4j.core.PacketListener [ERROR] [ERROR] -> [Help 1] [ERROR] [ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch. [ERROR] Re-run Maven using the -X switch to enable full debug logging. [ERROR] [ERROR] For more information about the errors and possible solutions, please read the following articles: [ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MojoFailureException

Can somebody help me here?

I am not sure if this is a bug or missing functionality, but the Non-HTTP Proxy settings do not persist when Burp is closed and re-opened.

Java JRE:
openjdk version "1.8.0_91"
OpenJDK Runtime Environment (build 1.8.0_91-8u91-b14-3ubuntu1~16.04.1-b14)
OpenJDK 64-Bit Server VM (build 25.91-b14, mixed mode)

Burp 1.7.05

I got this error when tring to start port monitor

and port monitor doesn't work, please help me fix this issue

I'm trying to get this work on my android device by following this tutorial.
i follow every step on it, but i dont see any content on "DNS History" tab.
Im currently using burpsuite 1.7.32 with jre1.8.0_162
any clue?

Some part of my mobile app runs on a slight different protocol ( not ideal HTTPS ) though it uses port 443, I tried your tool I got the domain to which it is making connection but am getting SSL connection error , installed the .p12 certificate as well which was suggested. Are any special changes to be made to my mobile device. Please let me know it will be great help.

nothing works, another crap

Could be an issue with my setup but I'm not sure here.

java.util.ConcurrentModificationException
        at java.util.HashMap$HashIterator.nextNode(HashMap.java:1437)
        at java.util.HashMap$KeyIterator.next(HashMap.java:1461)
        at josh.nonHttp.GenericMiTMServer.Closed(GenericMiTMServer.java:434)
        at josh.nonHttp.SendData.SendClosedEventTrigger(SendData.java:81)
        at josh.nonHttp.SendData.run(SendData.java:317)
        at java.lang.Thread.run(Thread.java:745)
sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Hi,

I'm trying intercepting SSL traffic with NoPE, but i dont know location for store p12 ca certificate on mac.

Thankyou.

Hi. I'm using a jailbroken iOS 9.0.5 ios device for pentesting and set the dns to the ip of the interface where I was hosting burp. I tried this on a MacBook and a Win 10 machine.

On both I say no DNS history stream. I am using Version 1.5, downloaded Nov 13th. By Burp on OSX is 1.7.27 and on Win10 is 1.7.26

The custom-app I was looking at just says there was a timeout, but not further explanation without getting into some low level debugging that I was reluctant to dive into. The app loads normal http content, apparently just not the non-http communication. But in all cases, not DNS History information is populated.

Work around that got things working:

• installed and run latest wireshark, not sure if that contributed to issue. However, using that I saw that device was looking for port 53, not default 5353 and changing to port 53, started seeing activity per specifications.
• And I also had disabled all Symantec services on my Windows 10 related to firewalling and things it was doing to 'help me' but likely was hurting me.

manual install and it will show "Failed to verify BApp file" ???

Can you upload this extension directly to BApp store?

mac:10.15
burp:burp suite community edition 2020.12.1
java:openjdk 11.0.9.1
I have already installed libpcap through brew install libpcap. And I can receive the dns history on the left window, but there is nothing on the right window(port monitor).Just like that:

anyone has the same situation? please help me,thanks~

Hi,Josh summitt, when i use Burp-Non-HTTP-Extension as the wiki
Basic Set Up for mobile testing. (testing on two machines) ,everything works fine but for ssl .
and i have already installed burpCA in my iphone ,and trust it . when i use iphone view http ,it work,but don not work for https .Looking forward to your reply.

Hi,
Below are my configurations that I've configured after installing extenstion to my burpsuit

Local DNS = 127.0.0.1
Current IP address = number of adapter that connects between application and server
server address : REMOTE_SERVER_IP ,
server port = SERVER_LISTENING_PORT
listen port = RANDOM_PORT
Checked "DNS Response IP " on
Clicked plus Sign and play button.

unfortunately, nothing happened other than seeing dns traffic in DNS tab.
I can't intercept TCP stream or even see the traffic in proxy history.

My burp suit version : 1.7.19
My operating system : windows 10
My java version : 1.8.0_121
My application is written with C#, i've even tried another java app but not working too.

Can you help me please.

Thanks

Known issue that will be fixed in the next release

Could you please investigate why the NOPE Proxy tab does not appear in Burp 2.0.16beta?
It used to appear in earlier betas such as Burp 2.0.8beta.

Thanks!

It seems that the extension has issues with enabling more than 2 listeners to the to the non-proxy options under server config. I can add numerous non-http proxy listeners, but i can only enable 2 (rarely 3).

If i click on the enable checkbox, nothing happens. It does select the row, but the checkbox does not become enabled.

Known issue to be fixed in the next release.

when i try to add it to burp i get the following error:

java.lang.OutOfMemoryError: Java heap space
at java.util.Arrays.copyOf(Arrays.java:2271)
at java.io.ByteArrayOutputStream.grow(ByteArrayOutputStream.java:113)
at java.io.ByteArrayOutputStream.ensureCapacity(ByteArrayOutputStream.java:93)
at java.io.ByteArrayOutputStream.write(ByteArrayOutputStream.java:140)
at burp.iud.a(Unknown Source)
at burp.mlf.(Unknown Source)
at burp.bld.a(Unknown Source)
at burp.u1b.run(Unknown Source)
at java.lang.Thread.run(Thread.java:722)

i tried to start burp with following option but i get the same error:
java -XX:MaxPermSize=1G -jar burp.jar

The list of Non-HTTP proxies sometimes does not allow me to remove or enable proxies. A restart is required so that they can be added again.

Java JRE:
openjdk version "1.8.0_91"
OpenJDK Runtime Environment (build 1.8.0_91-8u91-b14-3ubuntu1~16.04.1-b14)
OpenJDK 64-Bit Server VM (build 25.91-b14, mixed mode)

Burp 1.7.05

Would you please be able to provide a bit more guidance on how to set this up in burp? I tried installing the java file in the burp folder through burp extender, but that fails

I'd like to ask if im dumb.. or if it's an issue :D
I cannot get this working properly. In the first case i tried to forward the DNS requests to my router, but that doesen't seems to be working. Every time i try to open a page with configuration as follows:
/-------------------------------------------------------------------------------------/
NoPE proxy DNS Response IP: IP of my machine;
NoPE proxy interface selected: en0;
NoPE proxy port:53;

OS DNS server: IP of my machine -> this does not work because my machine is not a dns server ;
and some usual OS HTTP & HTTPS to Burp (8080)
/-------------------------------------------------------------------------------------/
So im asking if it is possible to somehow get this working.. In best scenario even without messing with the dns entirely...
If not, am i supposed to create some sort of DNS service on my machine? Or forward the DNS queries to the router and then interpret them back?
When i open some page, theres the Burp Suite error message: Not reachable (or something);
Trying to intercept traffic from just one machine, not any other.
MacOS - Big Sur

Looks like a really handy tool but cannot get this to work normally :(
Thanks<3

It is loaded successfully. but tab isn't appeared