Burp Suite, the leading toolkit for web application security testing

Configuring an iOS Device to Work With Burp

To test web applications using an IOS device you need to configure your Burp Proxy listener to accept connections on all network interfaces, and then connect both your device and your computer to the same wireless network. If you do not have an existing wireless network that is suitable, you can set up an ad-hoc wireless network.

Configure the Burp Proxy listener

In Burp, go to the “Proxy” tab and then the “Options” tab.

In the “Proxy Listeners" section, click the “Add” button.

 

In the "Binding" tab, in the “Bind to port:” box, enter a port number that is not currently in use, e.g. “8082”.

Then select the “All interfaces” option, and click "OK".

Note: You could alternatively edit the existing default proxy listener to listen on all interfaces. However, using different listeners for desktop and mobile devices enables you to filter these in the Proxy history view.

 

The Proxy listener should now be configured and running.

 

Configure your device to use the proxy

In your iOS device, go to the “Settings” menu.

 

Tap the “Wi-Fi” option from the "Settings" menu.

If your device is not already connected to the wireless network you are using, then switch the "Wi-Fi" button on, find your network in the list, and tap it to connect. Enter your network password if prompted.

 

Tap the “i” (information) option next to the name of your network.

 

Under the "HTTP PROXY" title, tap the “Manual” tab.

In the "Server" field, enter the IP address of the computer that is running Burp.

In the “Port” field, enter the port number configured in the “Proxy Listeners” section earlier, in this example “8082”.

 

Test the configuration

In Burp, go to the "Proxy Intercept" tab, and ensure that intercept is “on” (if the button says “Intercept is off" then click it to toggle the interception status).

 

Open the browser on your iOS device and go to an HTTP web page (you can visit an HTTPS web page when you have installed Burp's CA certificate in your iOS device).

 

The request should be intercepted in Burp.



We welcome feedback about the content on the Support Center. Please let us know if you have any feedback on this article or want to request a new article.

support@portswigger.net
https://cdn.desk.com/
false
desk
Loading
seconds ago
a minute ago
minutes ago
an hour ago
hours ago
a day ago
days ago
about
false
Invalid characters found
/customer/en/portal/articles/autocomplete

Copyright © 2016 PortSwigger Ltd. All rights reserved. Customer service software powered by Desk.com.