How to bypass Cloudflare protection with Burp?

About

Asked 26/11, 2021 at 19:54 Answered 29/9, 2024 at 9:23

I'm inspecting web page and using Burp suite to intercept HTTP requests made by JS. For certain URL I receive 403 status and Claudflare's page with message "Please turn JavaScript on and reload the page". JS is turned on in my browser (Firefox) and that URL works fine with disabled proxy.

How Cloudflare detects Burp and how to bypass it?

Gonyea answered 26/11, 2021 at 19:54 Comment(0)

In my case I was able to fool Cloudflare simply by overriding the default User-Agent header that Burspsuite uses. Go to Proxy > Options > Match and Replace then add and enable a Request header rule that overrides the User-Agent header:

Match	Replace
`^User-Agent.*$`	`User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0`

Allmon answered 11/10, 2022 at 10:18 Comment(2)

Don't forget to tick regex match in the popup :D – Holpen 8/4, 2023 at 9:59

And how would you do this for every tool in Burp? Such as repeater, active scan, etc.? – Joinery 2/1, 2024 at 23:33

For every burp tool, do this in Proxy > Proxy Settings > Session handling rules. Add a rule that adds specific header value for User-Agent: and tick Add if not present.

Don't forget to set tight scope so you don't break anything else.

Salmonella answered 19/1, 2024 at 14:29 Comment(0)

In Burp, go to Settings > Network > TLS > TLS negotiation > select 'Use custom protocols and ciphers" > TLS Ciphers window appears, scroll down and disable the last 3 enabled ciphers in this list.

Celisse answered 29/9, 2024 at 9:23 Comment(0)

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

Recommended topics

Hot tags