Bypassing IP Based Blocking with IP Rotate Burp Extension.
This is my first writeups. I hope you like it.
I am going to walk to through step by step guide to setup IP Rotate Burp Extension.
First thing first what is “IP Rotate”
its a burp suite extension developed by David Yesland.
This is useful to bypass different kinds of IP blocking like bruteforce protection that blocks based on IP, API rate limiting based on IP or WAF blocking based on IP etc.
- Login to your aws account.
- After login click on profile button(your name).
you will see dropdown menu then click on Security credentials.
3. you will see a page similar to image below then click on users
4. now click on Add users button.
5. after clicking on add users button you will see a page similar to image below.
fill the page with mandatory details then click “Next: Permissions”.
6. on permissions page click on “Attach existing policies directly” then on search bar search “api”.
select two policies “AmazonAPIGatewayAdministrator” and “AmazonAPIGatewayInvokeFullAccess” then click “Next:Tags”.
7. if you like to add tags you can add but i am leaving the blank because its optional after filling this click “Next:Review”
8. make sure your review page data match with below image.
if you missed something go back and correct that.
9. Now you will see Create user button at the bottom of the page.
go ahead and click on that.
after clicking on that button you will see a page similar to this.
first click on “Download .csv” to download the “Access key” and “Secret key”.
Now click on “Show” button.
10. Fire up your burp suite and goto extender tab then install “IP Rotate” extension.
after installing the extension click on that.
now copy and paste access key and secret key from you aws then click “Save Keys”
11. your extension is ready to bypass ip based protection.
just change the target name and select the how many gateways you want to use then click on “Enable” button.