Burp Proxy Firefox

There are a few popular ways to run Burp Suite in a pentesting environment. The simplest approach is to have a dedicated web browser that is used only with Burp.

The downside is that on Mac OS X the proxy setting for the browser (Chrome and Safari) needs to be set at the system level. As a result, all HTTP and HTTPS traffic from the system is routed through Burp: not only traffic from the browser but also traffic from installed applications.

Firefox

Proxy configuration in Firefox is set directly in the browser. There is no need to modify system settings.

Burp Suite, a framework of web application pentesting tools, is widely regarded as the tool to use when performing web app testing. Burp Suite acts as a proxy between your browser and the internet, which allows the Burp Suite application to read, change and send on HTTPS data. The suite can run under Windows and Linux.

Multiple Firefox profiles

Firefox allows creating separate profiles that act as containers, keeping sensitive information separated from each other. Each profile stores its own:

  • Cookies
  • Extensions
  • Security certificate settings
  • and more..

'Security certificate settings: The cert9.db file stores all your security certificate settings and any SSL certificates you have imported into Firefox.'

Burp requires cacert.der (its CA certificate) to be imported into the browser or the system keychain (not recommended) in order to intercept HTTPS traffic. If an attacker got this certificate and performed a MITM attack on your connection (e.g., when you are using public Wi-Fi), they would get all of your traffic, unencrypted.

That is why storing this certificate in your browser is not a good idea: it opens up a new attack vector. If you are curious about what might happen, read about a similar case from Dell: eDellRoot issue

On every new installation, or whenever Burp's configuration is wiped out, Burp generates a new CA certificate, served from the 'http://burp/cert' URL. This makes the attack significantly harder from the malicious actor's perspective.

Thanks to Firefox and its multiple profiles, we can install cacert.der only in a separate profile and keep the default one without Burp's CA certificate. That allows running two Firefox instances side by side. Furthermore, you can install all of the necessary plugins in Burp's Firefox profile, and it will not affect the default one.

Read more on Firefox profiles.

Configuration

  1. Open Firefox and go to the 'about:profiles' URL
  2. Create a new profile and name it 'Burp'
  3. Click on the 'Launch profile in new browser' button
  4. A new Firefox window should open
  5. Install the FoxyProxy extension if needed
  6. Change the Firefox theme to easily distinguish between the 'default' and 'Burp' profiles

Whenever you want to run the 'Burp' profile, open Firefox and go to 'about:profiles' to launch it. There is an option to use the CLI to run a profile as well.

Takeaways

  • Do not install cacert.der in your (default) web browser, and especially do not install it directly into the system keychain
  • Always separate your pentesting tools and activities from your day-to-day environment/configuration
  • If possible, run Burp inside a virtual machine or on a remote instance to avoid embarrassing incidents if someone hacks you through the Burp Suite installation. Software is software, and vulnerabilities do happen
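
A quick check for the first takeaway, as an added example that is not part of the original article: it lists the Firefox profiles whose cert9.db contains Burp's CA, so you can confirm that only the 'Burp' profile does. It assumes NSS `certutil` is installed and that the CA shows up with "PortSwigger" in its nickname; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: report Firefox profiles whose cert9.db holds Burp's CA.
# Assumption: Burp's CA is stored under a nickname containing "PortSwigger".

# List certificate nicknames and trust flags for one profile directory.
list_certs() {
    certutil -L -d "sql:$1" 2>/dev/null
}

# Print every profile directory under the given root that stores Burp's CA.
# Returns 0 if at least one profile matched, 1 otherwise.
profiles_with_burp_ca() {
    root=$1
    found=1
    for db in "$root"/*/cert9.db; do
        [ -f "$db" ] || continue            # glob matched nothing
        profile=${db%/cert9.db}
        if list_certs "$profile" | grep -qi 'portswigger'; then
            echo "$profile"
            found=0
        fi
    done
    return $found
}

# Run the audit only when a profiles root is passed on the command line.
if [ -n "${1:-}" ]; then
    profiles_with_burp_ca "$1" || echo "no profile stores Burp's CA"
fi
```

Pass the directory that holds your profiles, for example `~/.mozilla/firefox` on Linux or `~/Library/Application Support/Firefox/Profiles` on macOS. The default profile should never appear in the output.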

This article is a part of the Guide for Burp Suite series. In the previous article, we learned about the different tools which are available with Burp Suite. Now we'll move forward and learn about the basics of the proxy and how we can configure the FoxyProxy tool with the Firefox browser. So let's get started.
Burp Suite operates as a web proxy server between your browser and target applications and lets you intercept, inspect, and modify the raw traffic passing in both directions. Burp is designed to be used alongside your browser. Burp functions as an HTTP proxy server, and all HTTP/S traffic from your browser passes through Burp. To do any kind of testing with Burp, you need to configure your browser to work with it.
We need to configure our browser to use the Burp Proxy listener as its HTTP proxy server. To do this, we need to change our browser's proxy settings to use the proxy host address (by default, 127.0.0.1) and port (by default, 8080) for both HTTP and HTTPS protocols, with no exceptions.
The easiest way to set up the browser proxy is to use a proxy switcher. A proxy switcher is a tool, usually in the form of a browser add-on, that allows us to turn a proxy on and off or cycle between multiple proxies with the click of a button. It saves loads of time, as it usually takes many clicks to enable or disable a proxy. FoxyProxy is a popular proxy switcher available for both Firefox and Google Chrome. Here, we will install and configure FoxyProxy in the Firefox browser to use it with Burp Suite.
Below are the steps to install the FoxyProxy extension and configure it with Firefox.
1. The first thing we need to do is start Firefox and navigate to the 'Add-ons Manager' from the Options menu in the Firefox browser.
2. On the 'Add-ons Manager' page, search for 'FoxyProxy' using the search field. After that, click the 'Add to Firefox' button to add the extension.
3. After that, click on 'Add' in the prompt to add the extension to Firefox.
4. Now you are able to see a little icon in the upper-right area of the browser, next to bookmarks or whatever else is in the toolbar. Click the FoxyProxy icon and select 'Options' to go to the settings page.
5. Next, click 'Add' to add a custom proxy, then enter '127.0.0.1' in the 'Proxy IP address or DNS name' field and '8080' in the 'Port' field, and click on the 'Save' button.
6. Now, all we have to do is enable it while Burp is running. This allows you to simply switch the proxy on and off or even switch between different proxies. Click the icon and select '127.0.0.1:8080' to turn it on.
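
A scripted alternative to the FoxyProxy steps above, as an added example that is not part of the original article: it writes the same 127.0.0.1:8080 proxy settings (HTTP and HTTPS, no exceptions) into a dedicated profile's user.js and starts that profile from the command line, the CLI option mentioned earlier. The profile path, the BURP_PROFILE_DIR variable and the function names are assumptions.

```shell
#!/bin/sh
# Added example: dedicated Firefox profile with the Burp proxy pinned in user.js.
# Assumption: the profile lives in BURP_PROFILE_DIR (hypothetical default below).
BURP_PROFILE_DIR="${BURP_PROFILE_DIR:-$HOME/.burp-firefox-profile}"

# Write the proxy preferences; Firefox re-applies user.js at every start,
# so the proxy cannot silently drift away from the Burp listener.
write_burp_prefs() {
    dir=$1
    host=${2:-127.0.0.1}
    port=${3:-8080}
    mkdir -p "$dir" || return 1
    cat > "$dir/user.js" <<EOF
// Manual proxy configuration: Burp listener for both HTTP and HTTPS.
user_pref("network.proxy.type", 1);
user_pref("network.proxy.http", "$host");
user_pref("network.proxy.http_port", $port);
user_pref("network.proxy.ssl", "$host");
user_pref("network.proxy.ssl_port", $port);
// No exceptions: nothing bypasses the proxy, including localhost targets.
user_pref("network.proxy.no_proxies_on", "");
user_pref("network.proxy.allow_hijacking_localhost", true);
EOF
}

# Print the command that starts this profile beside the default one.
burp_launch_cmd() {
    printf 'firefox --no-remote --profile %s\n' "$1"
}

# Refresh the prefs and start the profile; fails if Firefox is not on PATH.
launch_burp_profile() {
    write_burp_prefs "$BURP_PROFILE_DIR" "$@" || return 1
    command -v firefox >/dev/null 2>&1 || { echo "firefox not found" >&2; return 1; }
    firefox --no-remote --profile "$BURP_PROFILE_DIR" &
}

# Launch only when asked to: sh script.sh launch
if [ "${1:-}" = "launch" ]; then
    launch_burp_profile
fi
```

Because the settings live in the profile directory, the default profile and the system proxy settings stay untouched.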
Congratulations! Now you know what FoxyProxy is and how to configure it with the Firefox browser. In the next part, we will discuss how we can install Burp's CA certificate in Firefox so that we can intercept HTTPS requests in Burp Suite.
