Open nibarius opened 3 years ago
How to do this trick on an unrooted phone?
To do this on an unrooted phone you have to use a phone with Android 6 or lower. Newer Android versions require root to be able to do this.
So with new phones, there are no options like unroot the phone and do all these tricks? Did you try that with new phones?
I prefer working with emulators when root access is needed so I haven't tried this on a new phone. I'm also not really familiar with how you gain root access on modern phones. "Magisk" seems to be a popular option for this, but I don't have any personal experience with it.
A lot of apps don't work with an emulator. Will try to root my Galaxy S9 on Monday. Thanks for the experience!
Hello, after the struggle it works and I can see the certificate in the system root, but I am still getting a TLS connection error in Burp :( Can you help me with this?
Hi, unfortunately I'm not sure what's wrong for you. My problems were usually with getting the system to recognize the certificate. Once that was in place and I could get the traffic to go through my Burp proxy everything just worked. But when things weren't working for me during setup I started over from scratch and deleted all intermediate certificates to eliminate the risk that I installed the wrong certificate. Once I had the certificate installed I checked that it was visible as a system certificate and then I directly after tried loading https://example.com in a browser to check if it was working. I selected a browser and example.com to be sure I was testing with something that doesn't use certificate pinning.
I'm sorry I can't be of more help, but I hope you can get it working somehow.
Thanks for the great write-up. I was able to install the certificate and see some traffic through Burp but it doesn't seem to be all of it (it seems actually fairly random what gets shown in the history and what doesn't). Any clues?
Unfortunately not, I haven't run into that myself so I don't have any ideas on what's wrong. But I hope you manage to find a solution.
@gcorgnet I just wanted to let you know that I stumbled upon an article explaining that apps written using Flutter don't use the Android proxy or certificate information, so the normal ways of intercepting traffic can't be used. Maybe this could be the reason for some traffic not showing up for you? https://blog.nviso.eu/2019/08/13/intercepting-traffic-from-android-flutter-applications/
@nibarius can you make a tutorial showing how to intercept traffic on an .apk that uses SSL pinning?
How to bypass SSL pinning differs a bit depending on what app it is and how it does the pinning. Do you have any particular app in mind @brunoaduarte and maybe I could write a tutorial for that in case I manage to bypass pinning?
yes, whats.app
Please check out https://nibarius.github.io/learning-frida/2022/11/18/bypassing-pinning @brunoaduarte
Awesome, thanks!
Comments made here will be shown on the "Sniffing https traffic on Android 11" article.
https://nibarius.github.io/learning-frida/2021/01/23/sniffing-https-traffic