Tags: http, man-in-the-middle, burp

Is there a Burp Suite alternative that allows MITM to be performed not only on a browser but also on any program whose local ports are randomly spawned?


Recently I have come across a 0day in the most popular software in, let's just say, the "Entertainment" industry, where remote code execution can be achieved via MITM.

Usually, I use Burp to accomplish MITM. But this one is a client-side program that spawns random local ports to send HTTP requests to its server. Since the ports are randomized, the Burp proxy couldn't channel traffic to its listener, as Burp requires a predefined proxy port to be bound to Firefox/Chrome.

(The software I mentioned above is not a browser, though it facilitates some similar behavior, so configuring it to use a proxy is basically out of the question.)

So, is there any alternative program that could serve as a proxy while providing real-time capabilities similar to Burp's?


Solution

  • Firstly, you could still use Burp. You have three options; one might work:

    1. Look for a proxy setting in the client. Lots of clients allow you to use proxies. You can look for a config parameter, a command-line switch, etc.
    2. Set the system proxy to use Burp. This way all HTTP traffic will be sent to Burp. On Linux you can use the http_proxy and https_proxy environment variables; on Windows, the Internet Settings.
    3. If the client connects to a hostname and not to an IP, you can configure this hostname in the OS's hosts file to resolve to 127.0.0.1, and configure Burp to listen on the port the client tries to connect to. Of course this will not work if the server port is also randomized, but that would be really weird. In Burp you also have to configure it to send the whole traffic to the target server and to work as a transparent proxy.

    If none of these work, you can try bettercap, which is a MITM tool.
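The third option in the answer (hosts-file override plus a listener on the port the client dials, relaying everything to the real server) is shown below as an added example; it is not code from the original post and not part of Burp. It is a minimal intercepting proxy in Python with an in-process stand-in for the remote server, so it runs offline. The hostname api.example.test, the X-Token header and the /api/update path are constructed for the demo. The point the example makes explicit is the caveat hidden in "configure Burp to send the whole traffic to the target server": once the hosts entry maps the hostname to 127.0.0.1, ordinary name resolution no longer gives you the real address, so the proxy must be handed the real IP (looked up before the hosts file was edited, or via a separate resolver) exactly as Burp's redirect-to-host setting requires. It handles plain HTTP only; a TLS client would additionally have to accept the proxy's certificate.

```python
"""Intercepting (transparent) proxy for a client that ignores proxy settings.

Added example, not from the original answer or from Burp. Flow:
  client -> hosts-file maps api.example.test to 127.0.0.1 -> this proxy on the
  server's port -> request logged/tampered -> relayed to the real server address
  that the operator supplies explicitly (the hosts entry hides it from DNS).
"""
import http.client
import socket
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer


def parse_head(head: bytes):
    """Split an HTTP request head into (request line, [(name, value), ...])."""
    lines = head.split(b"\r\n")
    headers = [tuple(p.strip() for p in l.partition(b":")[::2]) for l in lines[1:] if l]
    return lines[0], headers


def read_request(conn: socket.socket) -> bytes:
    """Read one full request: head, then Content-Length bytes of body."""
    buf = b""
    while b"\r\n\r\n" not in buf:
        chunk = conn.recv(4096)
        if not chunk:
            return buf
        buf += chunk
    head, sep, body = buf.partition(b"\r\n\r\n")
    _, headers = parse_head(head)
    length = next((int(v) for n, v in headers if n.lower() == b"content-length"), 0)
    while len(body) < length:
        chunk = conn.recv(4096)
        if not chunk:
            break
        body += chunk
    return head + sep + body


class InterceptingProxy:
    """Listens where the client expects the server; relays to the real address."""

    def __init__(self, upstream, on_request=None):
        self.upstream = upstream                # (real_ip, port), supplied by operator
        self.on_request = on_request or (lambda raw: raw)
        self.seen = []                          # raw requests, the "real-time" view
        self.sock = socket.socket()
        self.sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)

    def start(self, port=0):
        """Bind on 127.0.0.1:port (the port the client dials) and serve in the background."""
        self.sock.bind(("127.0.0.1", port))
        self.sock.listen(5)
        threading.Thread(target=self._accept_loop, daemon=True).start()
        return self.sock.getsockname()[1]

    def _accept_loop(self):
        while True:
            try:
                conn, _ = self.sock.accept()
            except OSError:
                return
            threading.Thread(target=self._handle, args=(conn,), daemon=True).start()

    def _handle(self, conn):
        with conn:
            raw = read_request(conn)
            if not raw:
                return
            self.seen.append(raw)
            raw = self.on_request(raw)          # tamper here, like Burp's intercept tab
            with socket.create_connection(self.upstream) as up:
                up.sendall(raw)
                while True:                     # relay the response until the server closes
                    chunk = up.recv(4096)
                    if not chunk:
                        break
                    conn.sendall(chunk)


class EchoHandler(BaseHTTPRequestHandler):
    """Stand-in for the real server: echoes the path and the X-Token header."""

    def do_GET(self):
        body = f"{self.path} token={self.headers.get('X-Token')}".encode()
        self.send_response(200)
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, *args):
        pass


def run_demo():
    """Constructed end-to-end run: returns (body the client saw, requests intercepted)."""
    upstream = HTTPServer(("127.0.0.1", 0), EchoHandler)
    threading.Thread(target=upstream.serve_forever, daemon=True).start()
    # Swap the token in flight, as one would edit a request in Burp before forwarding.
    proxy = InterceptingProxy(upstream.server_address,
                              on_request=lambda r: r.replace(b"X-Token: original", b"X-Token: tampered"))
    port = proxy.start()
    # The unconfigurable client: it "connects to api.example.test", which the hosts file now maps to us.
    conn = http.client.HTTPConnection("127.0.0.1", port)
    conn.request("GET", "/api/update", headers={"Host": "api.example.test", "X-Token": "original"})
    body = conn.getresponse().read().decode()
    conn.close()
    upstream.shutdown()
    return body, len(proxy.seen)


if __name__ == "__main__":
    print(run_demo())
```

Against a real client you would call `InterceptingProxy((real_ip, real_port)).start(real_port)` after adding the hosts entry, with the real IP noted beforehand; the client's randomized local source port is irrelevant here, since the proxy only cares about the destination port the client dials.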