1.Install Burp Certificate on Android

this part you can see : 安卓APP测试之使用Burp Suite实现HTTPS抓包方法

2.Set Proxy

set proxy on burpsuite and mobile:

set proxy on mobile,ensure that burpsuite and test mobile at the same wifi.

3.Modify key API

So far,you can monitor many https connections such as self signed certificate with weak check, but you can still not monitor some cases, for example, an app use a CA that is trusted by Android (not self signed certificate), in this case, proxy will be rejected by system ( Official Document ).

The method to solve this problem is hooking or modifying framework.

In Android4.4 you can use Xposed to hook key function,it’s the easiest way, core code is here:

Above Android5.0, you can modify framwork /libcore/luni/src/main/java/javax/net/ssl/SSLContext.java , and flash new framework to mobile.

With this approach,you can monitor almost all https traffic on Android.

 

 

 

 

*

+
跳转到评论