![]() # (I needed this to allow DNS resolution in AWS EC2 when the VPN is running) # find out and write down your local DNS servers' IP addresses # find out and write down your local gateway's IP address Whitelist any local DNS servers if needed.Whitelist your jump host (or home/office IP) from the VPN by directing traffic through the usual gateway ( source).Upload the ovpn file containing the config of the VPN you want to connect to.Once up and running, you will need the following configured: I am a fan of Debian, so I spun up an Ubuntu 18.04 image. through the VPN when the VPN is activated).īecause it’s cheap, I opted for a t2.micro instance in AWS EC2 to set up the connection with the VPN. This will set up an SSH tunnel that will redirect all traffic proxied through port 2222 on the jump host, towards the original destination via the AWS EC2 instance (i.e. On this jump host, make sure you have access to the EC2 instance’s private key (if applicable), and set up a SOCKS proxy using the following command: ssh -i ~/ssh-private-key.pem -D 2222 ![]() Most importantly, the VPS’s static IP will allow us to configure the traffic to and from this jump host to avoid being sent over the VPN. Otherwise, this jump host will serve as a bridge towards your VPN-connected EC2 instance. your current IP will do), you can skip this. If you have a static IP on your home or office network, or this is intended as a temporary setup (i.e. In other words, the web applications you are testing will see you coming from Target X’s IP address range, rather than from your own. The VPN tunnel is of course the core of this setup, and will allow you to tunnel your (selected) traffic either towards assets inside a target’s environment, or towards internet-accessible assets, but originating from the target’s network. The setupĪrchitecturally, the solution that I will describe looks like this: High-level diagram of proxying traffic through a VPN using Burp Suite. While this definitely works, I found that separating my testing activities from other network activity is not only a privacy-conscious decision, but also helps towards freeing up as much of the VPN bandwidth as is possible, because now it is no longer occupied with superfluous traffic. ![]() To accommodate this need, you may be inclined to install an OpenVPN client on your local testing machine and get going.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |