TL;DR
This guide shows you how to configure Burp Suite to send traffic through another proxy server (an upstream proxy). This is useful for accessing resources behind a corporate firewall, or chaining proxies together.
Setting up an Upstream Proxy in Burp Suite
- Open Burp Suite Settings: Go to Proxy > Options.
- Select the Proxy Listener Tab: This is where you configure how Burp handles incoming connections, but also its upstream proxy settings.
- Scroll Down to Upstream Proxy Details: You’ll find a section labelled ‘Upstream Proxy’.
- Configure the Upstream Proxy:
- Host: Enter the hostname or IP address of your upstream proxy server (e.g.,
proxy.example.com). - Port: Enter the port number that the upstream proxy is listening on (e.g.,
8080). - Protocol: Choose the appropriate protocol for your upstream proxy – usually HTTP or HTTPS.
- Client Authentication: If your upstream proxy requires authentication, check ‘Use client authentication’ and enter the username and password.
- Host: Enter the hostname or IP address of your upstream proxy server (e.g.,
- Save Your Changes: Click Apply to save your new upstream proxy settings.
Testing the Upstream Proxy
- Verify Burp Suite Traffic: Browse a website through Burp Suite as you normally would.
- Check Interception: Ensure that traffic is being intercepted by Burp Suite. If it isn’t, double-check your browser proxy settings (see below).
- Inspect the Upstream Proxy Logs: Check the logs of your upstream proxy server to confirm that Burp Suite is connecting through it. The exact method for checking logs depends on your specific proxy software. For example, with Squid you might use
tail -f /var/log/squid/access.log.
- Browser Proxy Settings: Make sure your browser is configured to send traffic through Burp Suite’s listener (usually
127.0.0.1:8080). Common settings locations:- Chrome/Edge: Settings > System > Open your computer’s proxy settings
- Firefox: Settings > General > Network Settings > Settings…
Troubleshooting
- Connection Refused: If Burp Suite can’t connect to the upstream proxy, double-check the hostname and port number. Also ensure that the upstream proxy server is running and accessible from your machine.
- Authentication Errors: Verify that you have entered the correct username and password for the upstream proxy.
- SSL Certificate Issues: If you’re using HTTPS, make sure Burp Suite has a valid certificate installed and configured correctly. You may need to import the upstream proxy’s certificate into Burp Suite’s trust store (Proxy > Options > SSL Settings).
- Traffic Not Intercepted: Ensure your browser is using Burp as its proxy, and that Burp’s intercept is enabled.