Hi, I want to intercept http traffic to burpsuite is there any way to intercept the packages installed through snap …
- What have you tried?
- How would you do it if the app wasn’t in a Snap? Have you tried doing it that way?
1 Like
Hi daniel hope you’ are doing good. I Tried doing
- sudo snap set system proxy.http=“http://<proxy_addr>:<proxy_port>”
- sudo snap set system proxy.https=“https://<proxy_addr>:<proxy_port>”
If the package is not snap this will work
copy the burpca.crt file to /usr/share/ca-certificates then
$ sudo update-ca-certificates
In windows I use this settings for intercepting http, https traffic towards burpsuite proxy
I have’nt tried on ubuntu yet but I did’nt get any good resource related to intercepting traffic of snap packages to burp proxy.
snap doesn’t enforce proxy connections for applications installed as snaps. It’s up to the application whether they support connections over a proxy, and whether they respect the http_proxy environment variables. Is there a particular application you want to spy on or is it a general thing you want to examine?
Basically I’m Security Researcher and I came across a app “wickrme” and I want to test that for security vulnerabilities and I haven’t found a way to intercept the traffic to my proxy… Thanks for clariffication…
1 Like
you need to do this on a network level then … i.e. a firewall rule that redirects all port 80 traffic to the proxy on a lower level
roughly like (untested and from the top of my head):
iptables -t nat -A PREROUTING -i eth0 -p tcp -d 0.0.0.0 --dport 80 -j DNAT --to {proxy_addr}:{proxy_port}
1 Like