Setup Android Virtual Device Monitoring with Burp Suite
Recently I was participating in a Hacking Competition in my company. There I need to check the vulnerability of mobile applications. They had provided an apk file. I need to install the somewhere and find security bugs.
I started the Burp Suite Community Edition. Go to Proxy tab. Options. There is already one entry for localhost => 127.0.0.1:8080. I used it for analyzing the web versions. The same can be used for the mobile app as well
I have Android Emulator installed which comes with Android Studio. I opened the AVD and started Android Emulator. Click on the triple dot in the right panel. Goto Settings -> Proxy -> Untick Use Android Studio HTTP proxy settings. Select Manual proxy configuration. Enter 127.0.0.1 in hostname and 8080 in Port Number. Apply. Now, this should intercept the network in Burp Suite.
Now you can see all the HTTP site traffic comes from the Emulator
But what happened with https site. You will get error stating Your connection is not private. NET::ERR_CERT_AUTHORITY_INVALID. As burp is sitting between Emulator and Internet, the emulator is not accepting the certificate from. We need to add the burp certificate in the emulator.
Lets export the burp certificate and import in Emulator. In Burp Suite, go to Proxy -> Options -> Import/export CA certificate -> Certificate in DER format -> Select a folder location -> save as burp.cer
Now move the certificate file to Emulator. Enter command in command line .\adb.exe push “C:\Data\BEH\BEH 2021\ClientCertificate\burp.cer” /sdcard . Check inside emulator. It should be copied inside /sdcard . Open settings inside Emulator -> Encryption & credentials -> Install a certificate -> Select CA certificate and browse burp.cer (Installation of certificate may be different for different android version). Now the https site should be opened in browser and traffic will be captured in Burpsute