Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Android traffic interception when app is accessed via VPN

Garry | Last updated: Jun 21, 2018 05:22AM UTC

hi , My Android app is accessible only when connected via VPN connection on my Android device. Please tell me how to intercept app traffic on my laptop running Burp tool Regards, Garry

PortSwigger Agent | Last updated: Jun 21, 2018 12:31PM UTC

Hi Garry, Thanks for your message. Intercepting an app that needs a VPN is usually possible, although it can be a little tricky. The approach I recommend is: 1) Run the VPN on your workstation - the same computer running Burp. 2) Disable the VPN on the Android device 3) Configure the Android device to use Burp as a proxy: - https://support.portswigger.net/customer/portal/articles/1841101-configuring-an-android-device-to-work-with-burp Please let us know if you need any further assistance.

Burp User | Last updated: Jun 22, 2018 10:09AM UTC

Thanks Paul, I tried following: 1. Turned On 'HotSpot' on my machine and connected VPN with internet provided through WIFI . 2. Disabling VPN on device and connected to same Wifi that my machine was connected to. 3. Accessed the app from the device without proxy tool. App threw error : ERR_NAME_NOT_RESOVLED" on the Android device I just wanted to make sure the App is accessible via machine N/W first before proxying Please suggest Thanks and Regards, Gourish Gaonkar

PortSwigger Agent | Last updated: Jun 22, 2018 10:10AM UTC

Hi Gourish, I think that because you've disabled the VPN on the device, the app will now only work when proxying. I suggest you start by checking a browser on the device can proxy through Burp. When that's working, try using the app. Please let us know if you need any further assistance.

Burp User | Last updated: Jun 27, 2018 06:18AM UTC

Thanks Paul, I tried the same and browser traffic is able to proxy through Burp. But app is not able to proxy its traffic to Burp Rds

PortSwigger Agent | Last updated: Jun 27, 2018 07:12AM UTC

Hi Garry, Ok, it sounds like this app will be difficult to intercept. Do you get any specific error message from the app? The next step would be to use Wireshark to identify what the app is doing. If the app is not using the proxy, you can use a technique like this: - https://support.portswigger.net/customer/portal/articles/2899081-using-burp-s-invisible-proxy-settings-to-test-a-non-proxy-aware-thick-client-application If the app is using the proxy, but failing for some other reason, you may be able to diagnose that with Wireshark. If the app is rejecting SSL, it may be using certificate pinning. There's some information on bypassing that here: - https://blog.netspi.com/four-ways-bypass-android-ssl-verification-certificate-pinning/

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.