18

I am trying to analyze HTTP traffic of our application. Application uses port 8080. So I had configured burp proxy for 6666 and upstream proxy to our organisation proxy.

Made changes to browser's proxy for 127.0.0.1:6666 application URL can be reached to 127.0.0.1:8080

But from browser I get "proxy server is refusing connections" for application landing page.

How to configure burp to work with local apps running on 127.0.0.1?

Lester T.
  • 1,263
  • 1
  • 9
  • 21
Dheeraj Joshi
  • 283
  • 1
  • 2
  • 5

7 Answers7

18

If none of these solutions work for you, like they didn't work for me, you could try to change value network.proxy.allow_hijacking_localhost to true (using firefox v 67.0.1 64-bit).

Open new tab, type about:config in address bar, then type network.proxy.allow_hijacking_localhost and double click it to change its default value to true.

schroeder
  • 123,438
  • 55
  • 284
  • 319
Java-Kree
  • 309
  • 3
  • 5
10

  1. In Burp go to Proxy / Options / Proxy listeners, and confirm the Running box is ticked.

  2. In proxy tab make sure intercept is turned off.

  3. Make sure the proxy in burp listener is 127.0.0.1:6666.

  4. Configure your browser to use 127.0.0.1:6666 as its proxy.

  5. Configure Burp to use your original LAN proxy (from your original browser configs) as its upstream proxy.

  6. Run your browser and access your application.

Update: Additional reasons could be browser restricted ports. You mentioned you are using Firefox. Try this.

  1. Type the following into Firefox address bar 'about:config'
  2. Type the following settings 'network.security.ports.banned.override'
  3. Enter your port number '6666'
Lester T.
  • 1,263
  • 1
  • 9
  • 21
  • It is working now at some other port. Looks like 6666 port had some issue even though proxy was running. changed port to 7878 and everything is fine now. – Dheeraj Joshi Nov 15 '16 at 04:23
  • Glad to know it worked for you. Are you using chrome? – Lester T. Nov 15 '16 at 04:28
  • Nope. I am using Firefox. Even though port proxy was running at 6666 with proxy listening ticked. Browser was unable to connect. But it works fine with port 7878. Are there comprehensive logs available for burp tools – Dheeraj Joshi Nov 15 '16 at 05:48
  • Port 6666 could be in the firefox restricted ports. I've edited the answers to include the "how to" to override the restrictions. – Lester T. Nov 15 '16 at 05:56
  • Yeah. It is restricted port. Didn't check that. – Dheeraj Joshi Nov 15 '16 at 07:54
  • cool. Google chrome has its fair share of restricted ports too – Lester T. Nov 15 '16 at 07:56
  • Here is a nice link showing Restricted ports on Google Chrome and some related info: https://superuser.com/questions/188058/which-ports-are-considered-unsafe-by-chrome – Astrophe Dec 10 '19 at 14:50
5

Try adding a '.' after "localhost". This should solve your problem.

eg.

http://localhost.:8080/WebGoat/ This will force the localhost to use the same proxy settings as one would with an internet connection/adapter

mahesh takkalwad
  • 51
  • 1
  • 1
  • Yeah, it worked. But, did not at first. After I removed Firefox and Burpsuite installations completely and install them again, dot solution coming after localhost domain name in url address bar worked. – Hasan Jun 19 '19 at 14:44
  • it works like a charm, be sure to add something after port number ex `localhost.:3000/some_url` or it will be search for it online – Mike D3ViD Tyson Feb 18 '20 at 18:28
2

You can solve this problem very simply. 

Firefox -> options -> network proxy ->
select on manual proxy configuration -> 
set the config shown in the image -> 
then clear the text area called "No proxy for" -> save

enter image description here

schroeder
  • 123,438
  • 55
  • 284
  • 319
hari
  • 31
  • 1
  • 2
    This does not address the port number issue. You do not explain how clearing this field helps. What was in there before? – schroeder May 25 '18 at 16:20
  • 2
    The comments under the accepted answer explain what the problem was, and it wasn't this ... – schroeder May 25 '18 at 16:21
1

Steps to follow to Intercept Localhost Traffic with Burp Suite Mozilla Firefox:

  1. Go to Mozilla and type about:config

enter image description here

  1. Accept the risk and continue.

enter image description here

  1. Now, search network.proxy.allow_hijacking_localhost and set the value from false to true

enter image description here

  1. Send request from the localhost, it will start intercepting

enter image description here

Muskan Agrawal
  • 11
  • 2
0

I am using IE. Go to: Internet Options -> LAN Settings -> Uncheck "Bypass proxy server for local address".

schroeder
  • 123,438
  • 55
  • 284
  • 319
Tamil
  • 1
0

There are quite many steps to set Burp Suite working on localhost, for example, to run this on Firefox you might need:

  1. Burp's certificate accessible via http://burp. Get the certificate from the URL, install and restart Firefox.
  2. Make sure your port is free, sometimes the default's 8080 is being used by different applications. Change this in Burp Suite -> Proxy -> Options -> Edit on the desired proxy listener.
  3. Set up the same proxy details in Firefox having the Manual proxy configuration option enabled, which you can see in Burp Suite -> Proxy -> Options.
  4. In Firefox you might need type about:config in the URL and set network.security.ports.banned.override to PORT_NUMBER (the same one which is in Burp Suite -> Proxy -> Options -> Edit and therefore in Firefox's proxy - yes, point 3.).
  5. In Firefox you might need type about:config in the URL and set network.proxy.allow.hijacking_localhost to true.
  6. Sometimes you might need to read more about upstream proxy if you have an additional proxy on your local machine, however in my case it was not required.
Daniel Danielecki
  • 103
  • 4