Entrepreneur, Blogger, Author

On Friday, February 17, 2017 by Nishant Verma in , ,

Network Calls profiling for Mobile

Steps to intercept network calls:
  1. Download and install free version of burp (Location here: https://portswigger.net/burp/download.html)
  2. Launch the JAR and navigate to Start up.
  3. From menu tab select ProxyOptions
    1. In proxy Listeners section, click on Add
    2. Enter Bind to port value as 8080
    3. Choose Specific address and select your machine IP address. Press OK
  4. Click on HTTP history tab. Click on text: "Filter : Hiding CSS, image and general binary content”
  5. In Filter by MIME type, Select CSS, Images.
  6. Click on Filter tab again to close the window.

Steps to modify emulator settings:
  1. Start the android emulator
  2. After starting an android emulator, go to Settings->WiFi then click and hold the active wifi connection and select modify network.
  3. Click on Show advanced options” and in proxy (by default it is set to none) click on the drop down menu and select manual and now you should see more options like Proxy hostname and proxy port.
In the host name put the IP address of the Host machine which is the IP address you entered in burp and port number was 8080 (port to which burp proxy is binded) and click on Save and now you will be able to intercept all the HTTP (unencrypted) traffic that is sent by the android applications.


Install Certificate on the device

1. change the proxy setting in the browser and set the host to localhost and port to 8080 and click on CA Certificate and it will download a CA certificate.

2. Rename the CA certificate to cacert.crt and push it to the emulator SDCARD using the following commands:


  1. adb connect 192.168.56.101
  1. adb push cacert.crt /mnt/sdcard/cacert.crt

3. Now in the emulator / device go to Settings->Security in the Credential storage select Install form SD Card” and then you can select the cacert.crt” file present in the sd card and give the name cacert and click on OK and it will ask you to set a lock screen click on ok and select a type of lock screen and confirm (don’t forget the lock screen pattern)
 

For iOS devices:


Set the iOS Device Proxy
  1. Tap Settings > General > Network > Wi-Fi.
  2. Tap the Settings for the Wi-Fi network.
  3. Tap the Manual option in the HTTP Proxy section.
  4. In the Server box, type the IP address or hostname of your Fiddler instance.
  5. In the Port box, type the port Fiddler is listening on (usually 8080).
Web Analytics