The following are the steps you can go through to listen to all HTTP traffic using Burp:
- Open the Firefox browser and go to Options.
- In the General tab, scroll down to the Network Proxy section and then click Settings.
- In the Connection Settings, select Manual proxy configuration and type in the IP address of 127.0.0.1 with port 8080. Select the Use this proxy server for all protocols checkbox:
- Make sure the No proxy for the textbox is blank, as shown in the following screenshot, and then click OK:
- With the OWASP BWA VM running in the background and using Firefox to browse to the URL specific to your machine (that is, the IP address shown on the Linux VM in VirtualBox), click the reload button (the arrow in a circle) to see the traffic captured in Burp.
- If you don't happen to see any traffic, check whether Proxy Intercept is holding up the request. If the button labeled Intercept is on is depressed, as shown in the following screenshot, then click the button again to disable the interception. After doing so, the traffic should flow freely into Burp, as follows:
In the following, Proxy | Intercept button is disabled:
- If everything is working properly, you will see traffic on your Target | Site map tab similar to what is shown in the following screenshot. Your IP address will be different, of course, and you may have more items shown within your Site map. Congratulations! You now have Burp listening to all of your browser traffic!
