Adding burpsuites CA cert to IE and FireFox
So we all know how great burpsuite is, but don’t we all hate getting nagged by IE and Firefox about the certificate issues? Well here’s a quick way to add burpsuites CA certificate to them.
Background: During install burpsuite generates a new CA certificate and stores the private key on your machine, if you reinstall you’ll have to repeat the steps to trust the newly generated CA again.
Steps for Internet Explorer
Setup burp to act as your proxy within the Internet Options dialogue and then go to a HTTP based site, burp will generate a certificate using it’s own CA cert. You’ll get the following error:
Click Continue to this website in order to proceed to the website.
The address bar will now be red and to the right of the address click on Certificate Error followed by View certificates
Now you’ll need to select the Certification Path tab, then click PortSwigger CA followed by View Certificate
On the new Certificate details window you should see the certificate information for PortSwiggerCA, click Install Certificate…
On the Certificate Import Wizard we need to tell IE what certificate store to place the cert in, check Place all certificates in the following store and then click Browse
Select Trusted Root Certification Authorities followed by OK.
Click Finish on the next window
You’ll then receive a security warning as you are about to install a root Certificate Authority, click Yes to accept the install.
That’s it, you’re all done, just a simple reboot of IE to ensure the new CA is taken into account.
Steps for Firefox
Setup burp to be your proxy then go to any HTTPS based site, burp will generate a custom certificate for you based on that domain and as the CA is not known you’ll get the following error:
Click Add Exception and then on the following window Get Certificate and then View
Now go to the Details tab and within the Certificate Hierarchy select PortSwigger CA
Now select Export and save the certificate to your PC.
Now go to Tools–>Options Click the Advanced tab followed by the Encryption tab. Now click View Certificates
Within the Certificate Manager click the Authorities tab followed by Import
Now import the saved certificate from earlier.
In the next window ensure you have a tick against Trust this CA to identify web sites and then click OK
Now exit out of the open windows and you’re done.
- Things to do before a pentest – Infrastructure
- Thing to do before a pentest – Web Application
- base64 decoding in various languages
- Improving RaspberryPi USB performance
- Cracking a Juniper Netscreen ScreenOS Password Hash
- Poor mans VPN Pivot at last!
- One line python Meterpreter Reverse Shell
- Testing multiple VLANs the easy way – Trunk Ports
- canyoufindit.co.uk – GCHQ Code Spoiler Alert!
- Multi-threading python – a quick example