Binding Burp to a privileged port

Submitted by abb on Thu, 09/08/2011 - 17:44

Sometimes it is useful to run an intercepting proxy (running non-root user) on a privileged port. On debian-based systems it is possible using authbind facility.

The first step is to record the necessary port number in authbind config:

$ sudo touch /etc/authbind/byport/443
$ sudo chown abb:abb /etc/authbind/byport/443
$ sudo chmod 755 /etc/authbind/byport/443

After that, run Burp with authbind to let it use privileged port configured above:

$ authbind --deep java -Djava.net.preferIPv4Stack=true -jar burpsuite_pro_v1.4.01.jar

Alternatives to this approach is to run Burp as root or bind it to non-privileged port and redirect traffic from privileged port with iptables.

Contacts

+32 (0) 2 215 53 58

Gremwell BVBA
Sint-Katherinastraat 24
1742 Ternat
Belgium
VAT: BE 0821.897.133.