Ok, this problem started when i do pen-testing job, and i had to re-scanning some web application, and the web server ip address is already changed, mostly happen because 1st time I scanned using internet ip and then when doing an internal pentest, i'm using internal web address. So, i ask to Dafydd, if these feature exists, but apparently only for target with hostname is supported, see image below, e.g: for domain "test.com".
Fortunately there is an easy solution, with only one simple extension called "trafic redirector", see the details here, we should be able to redirect the traffic. At first i choose the java extension, but after compiling it into .jar and try to load it, i get "strange" java error, so i use the python version, and to use it we only need to modify the address from the "TraficRedirector.py".
from burp import IBurpExtender
from burp import IHttpListener
class BurpExtender(IBurpExtender, IHttpListener):
HOST_FROM = "110.94.90.59"
HOST_TO = "172.24.101.2"
To run the python extensions under burp extender, you need to install jython in your machine, and for Mac users, you can just use brew to get jython installed on your machine.
$brew install jython
and then define your jython path at burp Extender options,
and then load the "Traffic Redirector" extensions
Ok now, we are good to go.
No comments:
Post a Comment