I did a quick video last night for someone on proxying the newer version of Android SDK with Genymotion as the changes back in version 7 make it a bit more difficult to proxy https traffic and I get a lot of questions on a regular basis even years later...
Hopefully this video helps anyone else out that may be running into the same troubles.. This is proxying the latest version of android as of this writing which is version 10 but should work just fine on newer versions unless there is a major change in the future again that specifically restricts this method..
Mobile Hacking - Proxying Newer Versions of Android with Burp and Genymotion:
You can follow along with the video but additionally for reference below are the commands used:
Step 1: Create a Burp Cert for Android
1. Export the certificate from burp to .DER format via the proxy tab import/export
2. Change the format from der to pem:
openssl x509 -inform DER -in cacert.der -out cacert.pem
3. Pull the hash of the certificate subject name and rename the cert to the hah.0 format:
openssl x509 -inform PEM -subject_hash_old -in cacert.pem |head -1
mv cacert.pem <hash>.0
Step 2: Create a new Emulator:
1. Create a version 10 Galaxy x10 with bridge mode networking (or whatever newest version required)
2. Click 3 dots under my installed devices in genymotion --> Edit --> Change to bridged mode
Step 3: Setup certificate on device
1. Check devices and push the certificate to the SD card:
adb devices
adb push <hash.0> /sdcard/
2. Connect to the device and install the cert with proper permissions:
adb remount
adb shell
mv /sdcard/<hash.0> /system/etc/security/cacerts/
chmod 644 /system/etc/security/cacerts/<hash.0>
3. Reboot the device:
reboot
Step 4: Verify and setup the proxy:
1. Settings --> search for Trusted --> Scroll down till you see portswigger
2. Setup your Burp proxy to the correct IP/Port combo of your external interface IP
3. In Genymotion click Settings --> wifi --> Gear -> Pencil Icon -> Add in Proxy info under advanced
4. Go forth and proxy things
This comment has been removed by a blog administrator.
ReplyDelete