Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

[Android] Intercept Traffic Issue

Mahendra | Last updated: Jan 24, 2019 11:41AM UTC

ok straight to the point : Device : Android 5 (Already Inject Certificate from burp suite) Burpsuite : 1.7.37 i try browsing to google to make sure certificate installed correctly by NOT displaying "your connection is not secure" ==> burp suite can intercept without problem. but here's the main problem, i have scenario like this : our main test server behind cloudflare, here's the topology (example IP address) : USER ==> 15.15.15.15 (Cloudflare : 443 - Reverse Proxy) ==> 16.16.16.16 (Main Server : 8123) Burpsuite setting : Using Wifi Proxy : all interface Port 8080 so the topology : Pentester (proxy 8080) ==> Burpsuite ==> 15.15.15.15 (Cloudflare : 443) ==> 16.16.16.16 (Main Server : 8123) Burpsuite cannot intercept any traffic from android apps, and when i back to browser it can intercept perfectly. what's wrong here, i still figuring out until now and yes ... no luck :( any advice or idea ? regards, Mahendra M.W.

Liam, PortSwigger Agent | Last updated: Jan 24, 2019 02:49PM UTC

What seems to be the issue with intercepting traffic from your device? Are you seeing any error messages? Have you tried using WireShark to take a look what is happening to the traffic? Is it possible that the application is using certificate pinning?

Burp User | Last updated: Jan 25, 2019 04:14AM UTC

Hi Liam, what if the apps use certificate pinning ? Regards, Mahendra M.W.

Liam, PortSwigger Agent | Last updated: Jan 25, 2019 08:23AM UTC

If the app is using certificate pinning, you could try need using a tool like Trust Killer to bypass that. Try following these instructions: https://serializethoughts.com/2016/09/10/905/

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.