I am trying to man-in-the-middle the traffic of an app to a cloud. For this purpose I use Burp Suite Pro Edition.
What I've done:
- Set up a WiFi with an Alfa WiFi dongle and create_ap; shared the network with my eth0.
- Connected my mobile device to it and tested the connection to http://example.com
- Started an invisible proxy in Burp listening on *:1337
- Tried to route the traffic through the listener:

```
# enable IPv4 forwarding
echo "1" > /proc/sys/net/ipv4/ip_forward
# create a NAT table and a prerouting chain
nft add table ip mitm
nft add chain mitm prerouting {type nat hook prerouting priority 100 \;}
# send port-80 traffic to the Burp listener
nft add rule ip mitm prerouting iifname eth0 tcp dport 80 counter redirect to :1337
nft add rule ip mitm prerouting iifname eth0 tcp dport 80 counter dnat to 127.0.0.1:1337
```

The last steps are the same for any other ports I try to intercept (e.g. 443, 8800).
What I've tried so far:
- Changed the interface of the routing
- Changed the target scope in Burp
- Changed the invisible proxy to a non-invisible proxy (now you know how desperate I am)
- Changed the nftables destination host to only example.com
- Used another proxy-host instead of localhost