Sometimes, while intercepting a thick client, you might need to enable Invisible Proxy. A thick client is a software that usually runs outside of the browser framework. This means that some of this software doesn't have an option for HTTP proxies. When the client is not proxy-aware and is incapable of sending requests that are used by a proxy, such as Burp, we need to use the option of Invisible Proxy.
Since a thick client has no proxy options, we need to trick it into sending all its traffic to the machine where the Burp proxy can listen. For example, if the nonproxy-aware thick client needed to connect to https://example.com
, this is what we need to do:
Add a mapping for a domain to the loopback IP address in the default
Hosts
file. This file is usually found in the following paths for Windows and Linux / OS X:Windows/System32/drivers/etc/hosts
/etc/hosts
The mapping will look like this:
127.0.0.1 example.com
Once this is set, we need to add a new listener running on the...