Burp Suite: Fix Interception Issues

TL;DR

Burp isn’t intercepting your traffic? This guide covers common causes and fixes, from browser settings to Burp configuration. We’ll walk through checking proxies, SSL certificates, scopes, and more.

1. Check Your Browser Proxy Settings

1. Verify the proxy is set correctly: Most browsers use a proxy server to route traffic through Burp Suite. Make sure your browser settings point to 127.0.0.1 and port 8080 (the default for Burp).

• Chrome/Edge: Settings > System > Open your computer’s proxy settings > LAN settings > Proxy server.
• Firefox: Preferences > General > Network Settings > Settings… > Manual proxy configuration.

Disable other proxies: Ensure no other applications or browser extensions are interfering with your proxy settings.

2. Install the Burp Suite CA Certificate

1. Access the certificate: Open a web browser and navigate to http://burpsuite (while Burp is running). This will download the Burp CA certificate.
2. Import into your browser:
   • Chrome/Edge: Settings > Privacy and security > Security > Manage device certificates > Trusted Root Certification Authorities > Import… Select the downloaded certificate file.
   • Firefox: Preferences > Privacy & Security > Certificates > View Certificates > Authorities > Import… Select the downloaded certificate file and trust it for identifying websites.
3. Restart your browser: A restart is often needed for the changes to take effect.

3. Configure Burp Suite Proxy

1. Listen on all interfaces: In Burp Suite, go to Proxy > Options. Under “Proxy Listeners”, ensure you have a listener configured on 127.0.0.1:8080 and that it’s set to listen on all interfaces (or the correct interface if needed).
2. Check Interception is enabled: In Burp Suite, go to Proxy > Options. Make sure “Intercept client requests” and “Intercept server responses” are checked under the “Interception” tab.

4. Scope Configuration

1. Define your target scope: Go to Target > Scope in Burp Suite. Add the URLs or domains you want to intercept traffic for. This prevents Burp from showing irrelevant requests.
2. Ensure ‘Consider only included scopes’ is checked: In the same tab, make sure this option is selected so that only requests within your defined scope are processed.

5. SSL Certificate Issues

1. Check for certificate errors: If you’re intercepting HTTPS traffic and see errors in Burp Suite (e.g., “SSL handshake failed”), the problem is likely related to certificates.
   • Ensure your browser trusts the Burp CA certificate (see Step 2).
   • If the target website uses an unusual or self-signed certificate, you might need to install it into Burp’s certificate store. Go to Proxy > Options > Import Certificates.

6. Burp Suite Updates and Restart

1. Update Burp: Ensure you’re using the latest version of Burp Suite. Outdated versions can have bugs that cause interception issues.
2. Restart Burp: A simple restart can often resolve temporary glitches.

7. Check for Conflicting Software

1. Antivirus/Firewall: Some antivirus or firewall programs may interfere with Burp Suite’s interception capabilities. Temporarily disable them to see if that resolves the issue (be careful when doing this!).
2. VPNs: VPN software can also conflict with Burp. Try disabling your VPN while using Burp.