SSL Interception with Burp Suite Issue

[pascalschulz]

Hi Randorisec,

curious about the SSL Interception with Burp Suite cheat - How do you do that when using a device newer than Android 6.5. I have tried later Androids (non-rooted) and with those I would not be allowed anymore to perform your steps 5 & 6.

I gotta add, at step 4, I was using python's simple webserver to drop the file onto the phone but I doubt that this is changing anything, right?

Appreciate an answer.

Best,
Pascal

[randorisec]

Hello Pascal,

Sorry for the delay.

You're right from Android 7, the system no longer trusts user or admin CA certificates.
As you can see on: https://portswigger.net/support/installing-burp-suites-ca-certificate-in-an-android-device

However, even if the system is Android 7 or later, you should be able to install a user CA certificate.
On "Security" settings, you should have "Encryption & Credentials" and then you can "Install from SD card".

But as I said before, the certificate will be no more trusted by the system.
So, the first option is to root the phone or you can modify the app to re-enable the user CA certificate trust by using the tip "Bypassing SSL Pinning using Network Security Config".

Tell if it helps.
Thanks.
Guillaume