Using Linode to proxy Burp Suite traffic

As a pentester, you may find yourself working in an environment that has specific restrictions on the network. A firewall appliance of any kind can easily interfere with your testing by dropping or modifying packets being sent to your target, resulting in false positives or, even worse, false negatives.

To work around these limitations, you can proxy all of your malicious Burp traffic through Linode's Linux server offering. By doing this, you will bypass your local network restrictions and pipe everything out directly to the internet via Linode. So here's how you get started:

Assumptions: You are using a Mac. You already have your browser and certificates configured to work with Burp.

  1. Head over to the Linode website and sign up for an account. It's $5/month and the Nanode instance should be sufficient to get started (~2min).
  2. Provision and deploy a Linode instance using this guide (~5min): https://www.linode.com/docs/getting-started/#provision-your-linode . Test it out and make sure you can ssh into the Linode at least once before proceeding.
  3. Close any existing ssh connections to your Linode, then in the terminal type ssh -D 12345 root@yourlinodeip . This starts a connection to your Linode and opens a SOCKS proxy on local port 12345; any traffic sent to that port is forwarded over to your Linode. Keep this terminal window running in the background during your testing (~1min).
  4. Over in Burp Suite, open the Project Options > Connections tab (~2min).
     • Down in the section labeled SOCKS Proxy, check the box next to Override user options
     • Check the box next to Use SOCKS proxy
     • In the field labeled SOCKS proxy host, type in localhost
     • In the field labeled SOCKS proxy port, type in 12345
     • Check the box next to Do DNS lookups over SOCKS proxy
  5. Now, when your browser traffic flows through Burp, it will use your Linode's internet connection rather than your local connection for all requests. You can confirm this is working by using your Burp-configured browser to check your IP address at https://whatsmyip.com/ . It should match the IP address of your Linode instance (~1min).
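To check the tunnel from steps 3 and 4 without opening a browser, the sketch below speaks SOCKS5 to the ssh -D listener directly. It is an added example, not part of the original post; the function names are made up for illustration. It sends the hostname unresolved (address type 0x03), which is what the "Do DNS lookups over SOCKS proxy" box asks Burp to do, so the lookup happens on the Linode rather than on the restricted local network.

```python
import socket
import struct

# RFC 1928 reply codes (REP field) returned by the SOCKS5 server.
REPLIES = {0: "ok", 1: "general failure", 2: "not allowed by ruleset",
           3: "network unreachable", 4: "host unreachable",
           5: "connection refused", 6: "TTL expired",
           7: "command not supported", 8: "address type not supported"}

def build_connect_request(host, port):
    """CONNECT with ATYP 0x03: the hostname travels to the proxy unresolved."""
    name = host.encode("idna")
    if not 0 < len(name) <= 255:
        raise ValueError("hostname must be 1-255 bytes")
    return b"\x05\x01\x00\x03" + bytes([len(name)]) + name + struct.pack("!H", port)

def parse_reply(reply):
    """Map the first two bytes (VER, REP) of a SOCKS5 reply to a status string."""
    if len(reply) < 2 or reply[0] != 5:
        return "not a SOCKS5 reply"
    return REPLIES.get(reply[1], "unknown reply code %d" % reply[1])

def recv_exact(sock, n):
    """Read exactly n bytes, or fewer if the peer closes early."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            break
        buf += chunk
    return buf

def check_tunnel(host, port=443, proxy=("localhost", 12345), timeout=5):
    """Ask the ssh -D listener to open host:port; return 'ok' or the reason."""
    try:
        with socket.create_connection(proxy, timeout=timeout) as s:
            s.sendall(b"\x05\x01\x00")  # version 5, one method offered: no auth
            if recv_exact(s, 2) != b"\x05\x00":
                return "listener is not a no-auth SOCKS5 proxy"
            s.sendall(build_connect_request(host, port))
            return parse_reply(recv_exact(s, 2))
    except OSError as exc:  # nothing listening, or the tunnel has dropped
        return "cannot reach proxy: %s" % exc

if __name__ == "__main__":
    # whatsmyip.com is the host the post uses for its browser check.
    print(check_tunnel("whatsmyip.com"))
```

A result of "cannot reach proxy" means the ssh -D session from step 3 is no longer running, in which case Burp's requests will fail rather than silently fall back to the local connection.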

Jesse Kinser

Just a hacker. DM's are open on Twitter @securitybites