1

I know nmap and burp work at different levels, but in the same way, metasploit allows to set either an http or socks4 proxy, and I know and have used proxychains with Burp also.

But what I want is to see how the requests are done when using a HTTP http-wordpress-brutescript to an server on port 443, too bad because if it would have been to a port 80, at least I could have seen non-encrypted data with Wireshark. Anyways, I prefer to use Burp.

Is it possible to carry this out in some way¿?

aDoN
  • 283
  • 1
  • 3
  • 10
  • What is your question exactly? Do you want to use nmap through burp, or do you want to use http-wordpress-brute through burp? – Sjoerd Aug 19 '16 at 09:53

1 Answers1

0

You can instruct nmap to use a proxy, in this case you will want to use Burp as your proxy. More information here: https://nmap.org/book/ncat-man-proxy-options.html

edit: this should work for you seamlesly:

--proxy 127.0.0.1:8080

Assuming 127.0.0.1 is the IP of your burp proxy and its port is 8080

Iraklis
  • 651
  • 4
  • 7
  • 1
    FYI, I had to specify `--proxy http://127.0.0.1:8080` Otherwise, nmap would exit saying my proxy protocol was invalid. – CatShoes Nov 30 '16 at 12:03