We can sniff all traffic that is happening on our Android phone. The idea is by connecting our phone to a proxy that acts as MITM or Middleman. Same as Pi-hole able to showing all log DNS queries, Burp can be acting as proxy software to capture all traffic that comes to it.
Manganese (Mn), chemical element, one of the silvery white, hard, brittle metals of Group 7 (VIIb) of the periodic table. It was recognized as an element in 1774 by the Swedish chemist Carl Wilhelm Scheele while working with the mineral pyrolusite and was isolated the. Mn element. Mare Nostrum Elements is a versatile entity that acts as a Performance Group, Training Outlet and Production Company. In its dedication to the expression of human emotion through dance, theater and movement, Mare Nostrum Elements strives to reduce the distance between artistic disciplines by exploring their points of intersection and sharing the results through performances, workshops. Manganese is an extremely versatile element. It can exist in six different oxidation states. In nature, it is usually found in either its reduced +2 state, which easily dissolves in water or in the +4 state, which forms many types of insoluble oxides. Manganese Manganese is a chemical element with symbol Mn and atomic number 25. Classified as a transition metal, Manganese is a solid at room temperature.
We need to configure our browser to use the Burp Proxy listener as its HTTP proxy server. To do this, we need to change our browser's proxy settings to use the proxy host address (by default, 127.0.0.1) and port (by default, 8080) for both HTTP and HTTPS protocols, with no exceptions. Select Manual proxy configuration and enter 127.0.0.1 for HTTP Proxy and 8080 for Port. These are the default settings for Burp. These are the default settings for Burp.
Click on the Proxy tab located on the top row, and then click the options tab just below in the second row. You’ll notice all of the proxy settings available here, but there’s a few we want to focus on to get started. Let’s do it manually with the following simple steps – Boot inside your Firefox browser and go to Options. There, in the General tab, scroll down to the Network Settings and hit the Settings button. Over in the Connection Settings, opt the Manual proxy configuration and type in the IP address as 127.0.0.1 with the port as 8080.
Here is how it works from a high-level. Our phone connects to the internet as usual via the router. To monitor the traffic, we shall route our request to a single place, called a proxy server. This proxy will capture and have the ability to intercept the traffic and sending it to the internet. The response from the request is also going into the same channel flow.
![Burp Proxy Settings Burp Proxy Settings](/uploads/1/3/7/5/137576788/194017153.png)
Android Phone (Use Proxy’s Cert) —> Proxy —> Internet
How to ensure this solution works for HTTPS, which encrypted with certification? To make this works, we need to inject our certification into the device and make it trusted (There will be step for that). If our own certification acknowledged by the device, then we can decrypt the traffic from the server that issued the certification.
In this full guide on how to capture the traffic network, I am using a local wifi connection with Windows 10. There no significant difference when setting up this solution in Ubuntu 20.04 or Windows 10. Also, ensure your Android phone have access to the same router as your Laptop, where both IP can communicate under same network.
Attention, this step only works to capture all traffic from a mobile browser in Android that using HTTP and HTTPS as communication. This approach may not works for mostly app since they use SSL Pinning. I will cover the solution in next article. Also, you don’t need to root your Android phone to monitor the traffic.
Here are the guideline
1. Install Burp Suite Community Edition
Go to Burp Suite Free version download page and install it into your Windows 10 or Ubuntu.
Go to Burp Suite Free version download page and install it into your Windows 10 or Ubuntu.
2. Setup Burp Proxy on your Computer
Open the Burp Suite and click Next until the main page. Select Proxy and go to the options. Click Edit on 127.0.0.1 and change it into your IP address from Wifi. Go back to Intercept page and click off as now.
Open the Burp Suite and click Next until the main page. Select Proxy and go to the options. Click Edit on 127.0.0.1 and change it into your IP address from Wifi. Go back to Intercept page and click off as now.
To test if the Proxy server is already running, please visit your IP:8080, and you should see the webpage with “CA Certificate” button on the top right. That is an important link because you need to download the certification from it.
![Burp proxy setup Burp proxy setup](/uploads/1/3/7/5/137576788/166169424.png)
3. Make BURP’s certificate trusted by your Android device (non-root)
Go to your Android’s browser and open Burp IP:8000. Click on “CA Certificate” and Download it.
Go to your Android’s browser and open Burp IP:8000. Click on “CA Certificate” and Download it.
4. Install CA Certificate in Android
Next, go to files and move this certificate into home path “/Internal Storage”. Rename the extension “cacert.der” into “cacert.cer” to make it visible from Android certificate installation.
Next, go to files and move this certificate into home path “/Internal Storage”. Rename the extension “cacert.der” into “cacert.cer” to make it visible from Android certificate installation.
Go to “Other security settings” settings, click on “Install from device storage”. Select the cer file and setup it for both “Wifi” and “VPN and Apps” (we gonna use this in next article).
5. Configure your Android Wifi connection
The last step, go to your wifi settings and change the configuration to use proxy as your computer/laptop IP address where Burp Suite running. eg: IP:8080.
The last step, go to your wifi settings and change the configuration to use proxy as your computer/laptop IP address where Burp Suite running. eg: IP:8080.
6. Test Monitor Traffic in your Android
Go to your browser and open this page “https://yodiw.com” and you should able to see the traffic in Burp Suite
Go to your browser and open this page “https://yodiw.com” and you should able to see the traffic in Burp Suite
It’s done. Whenever you browse from your Android phone, you can see all the network traffic in Burp Suite. Happy hacking! To solve problem where Burp can’t monitor android app traffic because SSL pinning will be cover by next article.
Note: These steps are only necessary if you want to use an external browser for manual testing with Burp. If you prefer, you can just use Burp's embedded browser, which is preconfigured to work with Burp Proxy already. To access the embedded browser, go to the 'Proxy' > 'Intercept' tab, and click 'Open Browser'.
Once you have confirmed that the proxy listener is up and running, you need to configure your browser to use it as its HTTP proxy server. To do this, you change your browser's proxy settings to use the proxy host address (by default,
127.0.0.1
) and port (by default, 8080
) for both HTTP and HTTPS protocols, with no exceptions. This ensures that all HTTP and HTTPS traffic will pass through Burp. The details of how to do this vary by browser and version. Please refer to the relevant section below based on which browser you intend to use with Burp. Check your browser proxy configuration
When you've configured your browser, you need to test that it is working properly by performing the following steps. Adobe animate smooth motion. If anything does not happen in the way described below, there is a problem with your browser configuration. In this case, please refer to the troubleshooting page.
Burp Proxy Settings For Chrome
- Make sure you have checked that the proxy listener is active and have configured your chosen browser.
- With Burp running, open the browser that you configured and go to any HTTP URL (don't use HTTPS for the moment). Your browser should sit waiting for the request to complete, that is, it should look like it is stuck trying to load a page. This is because Burp has intercepted the HTTP request that your browser is trying to send.
- In Burp, go to the 'Proxy' tab and open the 'Intercept' sub-tab. Both of these tabs should be highlighted. On the 'Intercept' tab, you should see the intercepted HTTP request in the main panel.
- Notice the button that says 'Intercept is on'. If you click it, it will change to 'Intercept is off' and the request will be released from Burp.
- Go back to your browser. You should now see the requested page loading as it would during normal browsing.
Burp Proxy Settings Windows 10
If everything went as described above, you have finished the mandatory configuration steps for using an external browser with Burp Suite. However, at the moment you will only be able to test web applications that exclusively use HTTP. If you try and access an HTTPS URL using your external browser, you will notice that the connection is blocked. Therefore, we strongly recommend that you perform the final additional step to install Burp's CA certificate so that you can also test applications using HTTPS.