Intercepting traffic from thick client applications

Hi everyone, In this tutorial, we will learn how to intercept traffic from the thick client applications.

Fiddler is a free web debugging proxy for any browser and platform. You can download it from below official link:

Fiddler Classic | Original Web Capturing Tool for Windows

1. Install and open fiddler.

Fiddler interface

2. Fiddler allows you to decrypt HTTPS traffic by installing its root certificate and enabling HTTPS decryption. Navigate to Tools →Options →HTTPS, and check the checkbox that says “Capture HTTPS CONNECTs” , “Decrypt HTTPS Traffic” and “Ignore server certificate errors”.

HTTPS tab

3. Click on “Actions”, then “Trust Root Certificate”. Follow the popup’s instructions to add Fiddler’s certificate to the list of trusted certificates.

4. We can configure “Manual Proxy Configuration” in which fiddler will redirect the traffic to our burpsuite proxy. Navigate to Tools →Options →Gateway. Select “Manual Proxy Configuration” and set burpsuite listener proxy.

Gateway tab

5. Open burp and navigate to the proxy → options tab. Verify that the proxy listener is active and set to 127.0.0.1:8080.

6. Click on the “WinConfig” button and select “exempt none” to avoid system applications traffic being intercepted.

7. Launch thick client application.

Thick client application

8. You can see request captured in burpproxy.

To intercept Non-Https traffic checkout following referenced writeup

Intercepting Non-HTTP Request Using Burp Suite + Extension

Intercepting FTP Service & Retrieve User Credential

That’s all for today folks, Thanks…