
@koenrh
Created July 8, 2019 15:41

Proxifying a VMware Fusion virtual machine on macOS

This is a little guide that helps you to "proxify" a VMware Fusion virtual machine on macOS. This can be useful if you want to isolate and analyse web traffic to/from an application by running it in a VM.

Prerequisites

  • VMware Fusion 11 Pro
  • Transparent HTTP/HTTPS proxy (e.g. Burp Suite Pro or mitmproxy)

Configure VMware command-line utilities

Not required, but helpful if you plan on using the VMware-provided command-line utilities.

  • Make sure that /Applications/VMware\ Fusion.app/Contents/Library/ is in your $PATH
  • Assign the path to the virtual machine to a variable: vmpath="$HOME/vms/macos-test.vmwarevm"

Networking

Configure the network

Create a new custom network through the VMware Fusion GUI app.

  1. Open the network preferences: 'Preferences' > 'Network'
  2. Click the plus sign to add a new custom network
  3. Uncheck "Provide addresses on this network via DHCP"
  4. Apply changes

You can verify that the adapter is attached to the virtual machine as follows:

$ vmrun listNetworkAdapters "$vmpath"

Total network adapters: 1
INDEX  TYPE         VMNET
0      custom       vmnet2

If the network adapter is not attached to the virtual machine, you can add it using the following command (the virtual machine needs to be powered off):

vmrun addNetworkAdapter "$vmpath" custom vmnet2

Configure DHCP server

  1. Install dnsmasq: brew install dnsmasq
  2. Run dnsmasq (sudo dnsmasq -dC dnsmasq_vmware.conf) with the following minimal configuration:

# dnsmasq_vmware.conf

domain-needed
bogus-priv
no-poll

interface=vmnet2
listen-address=192.168.124.1

dhcp-range=192.168.124.10,192.168.124.255,96h

dhcp-option=option:router,192.168.124.1
dhcp-option=option:dns-server,192.168.124.1

Configure the host

  1. Open the /etc/pf.conf file in an editor
  2. Add the configuration below right after rdr-anchor "com.apple/*" (and before dummynet-anchor "com.apple/*"). In these rules en1 is the host interface that carries outbound traffic; replace it if your host uses a different one.
  3. Verify the configuration: pfctl -vnf /etc/pf.conf
  4. Apply the updated configuration: sudo pfctl -ef /etc/pf.conf
  5. Enable packet forwarding: sudo sysctl net.inet.ip.forwarding=1

nat on en1 proto { tcp, udp } from 192.168.124.0/24 to any -> (en1)
rdr on vmnet2 inet proto tcp from any to any port { 80, 443 } -> 127.0.0.1 port 8080
pass from { lo0, 192.168.124.0/24 } to any keep state
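
A preflight check for the dnsmasq and pf settings above, as an added example that is not part of the original gist: it reports where the two configurations disagree on interface, subnet or proxy target, which is the usual reason the VM gets a lease but no traffic reaches the proxy. The function names, the inlined config copies and the proxy_port parameter are assumptions made for this illustration.

```python
import ipaddress
import re

# Constructed inputs: the dnsmasq and pf settings from this guide, inlined.
DNSMASQ_CONF = """\
interface=vmnet2
listen-address=192.168.124.1
dhcp-range=192.168.124.10,192.168.124.255,96h
dhcp-option=option:router,192.168.124.1
dhcp-option=option:dns-server,192.168.124.1
"""
PF_RULES = """\
nat on en1 proto { tcp, udp } from 192.168.124.0/24 to any -> (en1)
rdr on vmnet2 inet proto tcp from any to any port { 80, 443 } -> 127.0.0.1 port 8080
pass from { lo0, 192.168.124.0/24 } to any keep state
"""

def parse_dnsmasq(text):
    """Collect key=value settings as {key: [values]}; comments and bare flags are skipped."""
    conf = {}
    for line in text.splitlines():
        key, sep, value = line.split("#", 1)[0].strip().partition("=")
        if sep:
            conf.setdefault(key.strip(), []).append(value.strip())
    return conf

def lint(dnsmasq_text, pf_text, proxy_port=8080):
    """Return a list of mismatches between the DHCP settings and the pf rules."""
    conf = parse_dnsmasq(dnsmasq_text)
    nat = re.search(r"^nat on (\S+) .* from (\S+) to any -> \((\S+)\)", pf_text, re.M)
    rdr = re.search(r"^rdr on (\S+) .* -> (\S+) port (\d+)", pf_text, re.M)
    if not nat or not rdr:
        return ["nat or rdr rule missing"]
    subnet = ipaddress.ip_network(nat.group(2))
    problems = []
    if rdr.group(1) not in conf.get("interface", []):
        problems.append(f"rdr is on {rdr.group(1)}, but dnsmasq serves {conf.get('interface')}")
    if nat.group(1) != nat.group(3):
        problems.append("nat interface and translation address interface differ")
    # Every address handed to the guest must sit inside the NATed subnet.
    addrs = list(conf.get("listen-address", []))
    addrs += [a for r in conf.get("dhcp-range", []) for a in r.split(",")[:2]]
    addrs += [o.rsplit(",", 1)[1] for o in conf.get("dhcp-option", [])
              if o.startswith(("option:router,", "option:dns-server,"))]
    problems += [f"{a} is outside {subnet}" for a in addrs
                 if ipaddress.ip_address(a) not in subnet]
    # The proxy listener is bound to loopback, so the redirect must stay there.
    if not ipaddress.ip_address(rdr.group(2)).is_loopback:
        problems.append(f"rdr target {rdr.group(2)} is not a loopback address")
    if int(rdr.group(3)) != proxy_port:
        problems.append(f"rdr port {rdr.group(3)} != proxy listener port {proxy_port}")
    return problems
```

Pass the contents of your own dnsmasq_vmware.conf and the rules added to /etc/pf.conf to lint(); an empty list means the two files agree.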

Proxy listening

Burp Suite Pro

  1. Add a new Proxy Listener ('Proxy' > 'Options') that binds to the loopback address (127.0.0.1) on port 8080
  2. Configure the Proxy Listener to use the transparent mode: edit Proxy Listener > 'Request handling' > check "Support invisible proxying"
  3. Install the Burp CA certificate (available through http://burp) in the root store of the browser or OS running in the virtual machine
  4. If it doesn't work right away then try to disable/enable the Proxy Listener (check/uncheck 'Running')

mitmproxy

  1. Start mitmproxy in transparent mode: mitmproxy --mode transparent --showhost
  2. Install the mitmproxy CA certificate (available through http://mitm.it) in the trust store of the browser or OS running in the virtual machine