Unable to capture traffic on proxy port for http url - http-proxy

I am running a Groovy script to capture traffic over proxy port in OWASP ZAP.
For https site, I am setting the proxy as given below and I can see the traffic in ZAP when I run my script.
System.setProperty('https.proxyPort', '8083')
System.setProperty('https.proxyHost', '127.0.0.1')
For http site, I am setting the proxy as given below but I can not see the traffic.
System.setProperty('http.proxyPort', '8083')
System.setProperty('http.proxyHost', '127.0.0.1')
The same settings although work fine when configured on Chrome. I have tried using the IP address instead of 127.0.0.1 but that also did not help. What could be going on wrong here ?

Related

How to Set HTTPS proxy in Ferdi

How can set HTTP (SSL) proxy in programs ?
I want to use Nordvpn https proxy in programs. When I use NordVPN HTTP proxy in Ferdi in this format -
Proxy Host/IP : http://name.nordvpn.com
Port : 80
Username: Something
Password: Something
It works but when I use HTTPS proxy from NordVPN in this format.
Proxy Host/IP : https://name.nordvpn.com
Port : 80
Username: Something
Password: Something
It show error: ERR_PROXY_CONNECTION_FAILED
I got my servers from https://nordvpn.com/servers/tools/
and choosed below options
Advanced Option>P2P and HTTP Proxy for HTTP and HTTP SSL for HTTPS
Any Idea how can I use HTTPS proxy in ferdi and any mistake in above HTTPS format.
The port number used by the NordVPN HTTP SSL proxy is 89.
It's not published anywhere on their website, and I don't know why. Someone on Reddit figured it out by looking through the code of their browser plugin. I had the a similar problem and this port works for me.

Changing web to https

I am trying to change my site to https (port 443). Everything works correctly except for one thing, on my site i'm using a service call Yawcam which allows to stream a webcam (I'm using port 8081 to that end).
It is working when I use for my Apache server port 80 (http://myip:8081), but when using port 443 it doesn't respond (https://myip:8081).
All ports mentioned are opened to Public (80,443,8081) through my Windows Server firewall.
I'm out of ideas, do you have any?
This is nothing to do with your firewall, this is to do with the fact that you are using mixed content.
Chances are you are using http:// for the external service and this will be blocked by browsers as they do not like it when you try to load a less secure resource than the loaded page.
Try changing your external content URLs to https:// if possible.
You can see here for a little more info on what you could try: https://developer.mozilla.org/en-US/docs/Web/Security/Mixed_content/How_to_fix_website_with_mixed_content

JMeter recording for browser less application

My web application doesn't uses browser. It is a MS Word plugin and uses port 80.
When I try to record on port 80, Jmeter says 'port already in use'
And if i set other port in my app, app doesn't work properly.
What to do in this case??
Thanks
If your MS Word Plugin has proxy settings - configure it to use JMeter's Proxy.
If it doesn't have its own proxy settings - it should respect system proxy configuration (usually it can be configured via Internet Explorer proxy settings)
You can use 3rd-party tool like Wireshark or Fiddler to capture the traffic and convert it to JMeter .jmx script.
The only way you can do it as I see it is not through script recording but by setting requests in jMeter manually and build whole test plan like this. It's not so hard anyway if you know how your plugin works and requests you send. Some short info can be find here:
http://jmeter.apache.org/usermanual/build-web-test-plan.html
Error message 'port already in use' means that port 80 was assinged to some other service. You can't assign that port to Jmeter proxy server to start. (Jmeter has to start its own service on some unused port)
a. Just start Jmeter on its default port 8080 (or some other unused port).
b. Redirect required traffic to Jmeter proxy port (i.e, 8080). MS office will honor System proxy settings, so change the IE proxy setting to server '127.0.0.1' port '8080', it should automatically apply to office.
c. Now all the HTTP requests trigger from Office should visible in Jmeter Proxy recorder. After that you can move them to required location in Test Plan.
As Dmitri Said, you can also use Fiddler to track the requests (Prefer Fiddler over Wireshark, for its ease of use).
Good Luck!

Unable to redirect https traffic from external IP to loopback interface in Fiddler

I'm trying to use Fiddler to capture traffic that comes to my machine on its external ip address, and redirect it to the loopback interface without affecting the host header.
I have added the following to the OnBeforeRequest method:
if (oSession.HostnameIs("MyMachineName")){
oSession.bypassGateway = true;
oSession["x-overrideHost"] = "localhost";
}
This works fine for http traffic: I do indeed see a request to http://MyMachineName hit the loopback adaptor with its host header intact.
However, when intercepting https traffic I get the following in the response raw view:
fiddler.network.https> HTTPS handshake to auth.time-wise.net failed. System.IO.IOException The handshake failed due to an unexpected packet format.
I have Fiddler configured to capture and decrypt https traffic.
Does anyone know why this problem occurs and how it can be remedied?
Edit: in response to Eric's request for more information
Fiddler is running as a proxy (i.e. as standard), listening on port 8888.
The clients are (currently) web browsers on the same machine, and so are automatically using the Fiddler proxy, as they've picked up the change in default proxy.
You've left out some important details (e.g. what port is Fiddler running on, and how did you configure the remote client to send its traffic to Fiddler?)
Having said that, you will probably want to change your use of x-overrideHost to x-overrideHostname such that the port number of the traffic being retargeted is preserved.

Configure Vert.x proxy for Firefox

I would like to run a verticle at port 8080 on the localhost so that when I configure Firefox to use http://localhost:8080 as proxy, it will connect to the verticle and I should be able to get the URL that was requested.
In other words, whatever URL I type in my address bar(say www.google.com), that should be available in the verticle. My ultimate aim is to get the html at the URL, inject some script of my own and serve it up to the user.
Currently when I run a server at 8080 Firefox simply responds that Server didn't respond.
Also I am unable to println anything when I type a URL(like google.com) which seems to suggest a connection was never made. Instead when I type localhost:8080 I get a proper response as well as the absoluteURL.
Odd.. If you run the proxy example in the vertx-examples repository:
https://github.com/vert-x/vertx-examples/blob/master/src/raw/groovy/proxy/Server.groovy
That starts the proxy on port 8282. If you then go into the Firefox preferences:
Preferences -> Network -> Connection Settings
And set the HTTP Proxy to localhost, the port to 8282 and check the checkbox Use this proxy server for all protocols
Then typing google.com into the address bar should show logging in the terminal window, and the browser should display:
server-data-chunk-0server-data-chunk-1server-data-chunk-2server-data-chunk-3ser‌​ver-data-chunk-4server-data-chunk-5server-data-chunk-6server-data-chunk-7server-d‌​ata-chunk-8server-data-chunk-9
Maybe it's cached something in the browser? Try clearing the caches before navigating to google?

Resources