doyensec
capture request directly from burp/mitm/browser
Hi, the tool is great, however it won't work in all cases. For example in Facebook servers if the "Upgrade: websocket" request is intercepted it will throw "400 Bad Request" not the usual "100 switching protocols". this also happens on burp suite if this request is intercepted.
so I am asking if there's a possibility to make the tool listen for requests when you open a website on your browser. something like burp suite upstream proxy, so users can use burp as they normally do, but in the terminal they have wsrepl listening to websocket requests and by using wsrepl plugins api (great feature btw) they can modify requests "on the fly".
Thanks!
after a couple of trials, it seems the problem emerges from "duplicated headers". when you select the "upgrade: websocket" request on burp suite and click "copy as curl command", it will generate a curl command. when you try this on a facebook server (e.g., https://edge-chat.facebook.com/chat) and enable the proxy option (-p http://127.0.0.1:8080) you will see that the wsrepl sends 3 duplicate headers "Host", "Upgrade", "Connection" which is causing the "400 Bad Request Error"
To resolve this bug, you need to remove theses 3 headers from wsrepl command, then the websocket connection will establish successfully. However i think the tool should check if these headers are supplied, and if so sends only one of each of them.
I still think it will be awesome if the upstream proxy option is added to automatically listen for websocket requests and edit them "on the fly" using wsrepl plugins
Thank you for the root cause analysis, the bug should be fixed! The upstream proxy feature would be a cool addition though, so I'm keeping the issue open for now.
