Network Traffic
In this post we will learn how to intercept application traffic using proxy tool
Tools
Burpsuite proxy tool
Setup
Run burpsuite
Configure proxy options
listen on port 5555 for example
All Interfaces
Install Burp Certificate as system certificate
Download certificate from web browser
http://burp
Configure the certificate to install it as system certificate
openssl x509 -inform DER -in cacert.der -out cacert.pem
openssl x509 -inform PEM -subject_hash_old -in cacert.pem |head -1
mv cacert.pem <hash>.0
adb push9a <hash>.0 /system/etc/security/cacerts/
adb shell
chmod 644 /system/etc/security/cacerts/<hash>.0
Configure device proxy
go to settings > WI-FI
Keep pressing on the wifi
Modify Network
proxy hostname = Insert the ip for the machine which run burpsuite
proxy port = 5555
Save!
SSL Pinning Bypass
SSLUnpinning
SSL Unpinning is a powerful tool for SSL Pinning bypasses.
First we need to install Xposed Framework / Xposed APK installer
APK Installer : https://xposed-installer.en.uptodown.com/android
Drag and drop it into the device
Framework : https://dl-xda.xposed.info/framework/
We should choose the sdk version that match our device ( for example choose sdk25)
Then x86 => then
Drag and drop the zip file into the device
Open the application
from the downloads menu search for SSLUnpinning => Install it
Or Download the APK directly from here : https://github.com/ac-pm/SSLUnpinning_Xposed
Restart the device
Open SSLUnpinning application
Click on + icon and scroll until you found the application package that you want to apply bypass to it.
Frida
Download frida script from here as ssl-bypass.js
After run frida-server on the device run frida as follows
Last updated
Was this helpful?