IPRotate_Burp_Extension icon indicating copy to clipboard operation
IPRotate_Burp_Extension copied to clipboard

Published 20 hours ago verified publisher icon RhinoSecurityLabs

not changing ip

Open adrian-rt opened this issue 10 months ago • 1 comments

Hi,

The extension seems to be configured ok, I don't see any errors anywhre, but it's not changing the ip either.

Is this still working? Where should I start debugging if I don't see any new ips? I've not seen any errors in AWS CloudTrail either.

thanks,.

adrian-rt avatar Apr 03 '24 16:04 adrian-rt

The behaviour seems very strange, it seems to work ocasionally.

For example, I got it to work while setting the target host to: www.showmyip.com and I see a new ip, however if I set the target hos to iplocation.net or ifconfig.co it doesn't show a new ip.

adrian-rt avatar Apr 04 '24 09:04 adrian-rt

This looks to be because www.iplocation.net takes the IP from the X-Forwarded-For header in the request (which is your IP by default in API GW).

To change this you can add a match and replace rule in burp to add in an arbitrary X-Forwarded-For header which will be sent through to the API GW.

In the case of www.iplocation.net this still will not make it respond with the proxied IP because it just take the value from the header but it does answer the question of what is going on there.

image

DaveYesland avatar May 14 '24 20:05 DaveYesland

Some changes were added that allow you to auto generate a random X-Forwarded-For header: https://github.com/RhinoSecurityLabs/IPRotate_Burp_Extension/pull/63

DaveYesland avatar May 14 '24 20:05 DaveYesland

Thank you @DaveYesland for the fix

Hunterdawn82 avatar May 15 '24 11:05 Hunterdawn82