How to Man-In-The-Middle a web application

So you’ve successfully MITM’ed a host on the network. Now you can intercept traffic, files and whatnot, but how about not just intercepting it, but altering it? More precisely, let’s say you want to intercept and alter every request made to a website.

This can be done with some iptables magic and the Burp proxy.

On a Linux box, execute the following:

iptables -F -t nat
iptables -P INPUT ACCEPT
iptables -A POSTROUTING -t nat -j MASQUERADE
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -j DNAT --to

This makes everything that is received on eth0 and heading for port 443 pass through the proxy you have listening on port 8080 on the IP

When you’re done, in my experience it’s easier to just clear the iptables and re-run your usual setup script, rather than extracting the lines you’ve just inputted.
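From the defensive side, a rule like the one above is visible in the nat table of the host doing the redirection. The following is an added example, not part of the original post: it scans `iptables-save` output for PREROUTING rules that DNAT or REDIRECT TCP port 443. The function names and the sample dump (including the documentation address 192.0.2.10) are constructed for illustration.

```shell
#!/bin/sh
# Audit helper (added example): reads `iptables-save` output on stdin and
# prints nat-table PREROUTING rules that DNAT or REDIRECT TCP port 443.
find_443_redirects() {
    awk '
        /^\*/ { table = substr($0, 2); next }      # "*nat", "*filter", ...
        table == "nat" && $1 == "-A" && $2 == "PREROUTING" {
            dport = ""; target = ""; dest = ""
            for (i = 3; i <= NF; i++) {
                if ($i == "--dport") dport = $(i + 1)
                if ($i == "-j") target = $(i + 1)
                if ($i == "--to-destination" || $i == "--to-ports") dest = $(i + 1)
            }
            # Only port 443 rewritten by DNAT/REDIRECT is reported.
            if (dport == "443" && (target == "DNAT" || target == "REDIRECT"))
                printf "%s -> %s\n", target, dest
        }
    '
}

# Constructed sample dump; 192.0.2.10 is a documentation address.
sample_dump() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
COMMIT
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -i eth0 -p tcp -m tcp --dport 443 -j DNAT --to-destination 192.0.2.10:8080
-A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
-A POSTROUTING -j MASQUERADE
COMMIT
EOF
}

# On a live host (as root): iptables-save | find_443_redirects
sample_dump | find_443_redirects
```

The filter-table ACCEPT rule for port 443 and the port 80 redirect are ignored; only the nat-table rewrite of port 443 is reported.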