How to route your traffic through Burp Suite from a mobile emulator (Android-x86)
Lately, I have been studying and deepening my knowledge of APIs (Application Programming Interfaces). An API is like a digital middleman that allows different software applications to communicate and work together smoothly. It acts as a set of rules and tools that enable one software system to interact with and use the services or functionalities of another.
To comprehend interactions between a client and a web server, adding a proxy is common for in-depth inspection. Burp Suite proves invaluable in this context, offering swift and easy configuration. Once launched, it efficiently captures browser traffic, allowing seamless inspection of content exchanged between the client and the server.
However, in some cases, such as mobile applications where the universe of APIs plays a pivotal role, a few additional steps are needed to redirect the traffic from a mobile device, whether it’s a physical device or an emulator. In this case, we will be using an Android emulator to understand this process and build a lab using two virtual machines, as presented below:
We won’t cover the installation of the Kali Linux machine as the process is simple and doesn’t require many additional steps.
Let’s get to what really matters. To install and configure the Android-x86 emulator, all you need to do is download the ISO available at the following link:
Android-x86 - https://www.android-x86.org/download.html
The version used in this tutorial was Release 8.1 (android-x86_64-8.1-r6.iso). Proceed to create your virtual machine and select the downloaded ISO to be used during the boot process.
Once the startup menu displays the available options, click on “Advanced options…”
Next, click on “Auto_Installation — Auto Install to specified harddisk”:
As the process is being carried out in a virtual machine, we don’t need to worry about partitioning the disk or sharing it with more than one operating system. We can simply use the entire disk allocated to the virtual machine and format it without any risk.
Next, just confirm the automated installation and proceed by clicking on “YES.”
Wait for the installation process:
Next, select “Reboot” and then click on “OK”:
You may encounter an issue during startup, as was the case for me, where no graphical interface is presented after rebooting or, in some instances, only the console appears:
console:/ #
To resolve this issue, turn off the virtual machine and enable the “Accelerate 3D graphics” option in your virtualizer’s settings.
Following that, the next problem encountered was a dark screen that stayed that way indefinitely, with no graphical content or console.
To address this, restart the virtual machine and during the boot options screen, press the “e” key to enter edit mode:
Then press the “e” key again to edit the selected line, and use the arrow keys to move the cursor to the correct position in the line:
Before editing, the line should look like this:
grub edit> kernel /android-8.1-r6/kernel quiet root=/dev/ram0 SRC=/android-8.1-r6
Remove the “quiet” string and enter the parameters “nomodeset xforcevesa” in its place. After editing, the line should look like this:
grub edit> kernel /android-8.1-r6/kernel nomodeset xforcevesa root=/dev/ram0 SRC=/android-8.1-r6
The following image presents the same content as above, the final result of editing the parameters:
Press “Enter” to accept the new parameters; this should return you to the previous screen:
Then, just press the “b” key to start the boot process with the new parameters. After a few seconds, the Android screen will be displayed:
Just follow the initialization and configuration process without any additional resources. You can even ignore the account settings and wireless networks; they won’t be necessary for now.
After the initialization process, your WiFi connection might already be configured. If that’s the case, here’s a trick: remove the existing configuration by clicking on “FORGET.” Don’t worry; we’ll set it up from scratch:
Next, click on “+ Add Network” and we will manually configure it by adjusting the proxy settings to send requests to Burp Suite directly from Android:
We will reuse the previous name for the new network. Click on the advanced options and change the proxy selection option to “Manual”:
Add the address of the virtual machine with Kali installed (in my case, 192.168.32.130) and port 8080, and finally click on “Save”.
After a few seconds, the new network should display as “Connected, no Internet”.
Now let’s access the Kali virtual machine and start Burp Suite. On the home screen, click on “Settings”:
In the new window, navigate to “Tools > Proxy” and click “Add”:
We will add a new listener since by default Burp Suite will only listen on the localhost interface:
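Bind the listener to port 8080 and choose the specific address option, selecting the IP assigned to our interface connected to the NAT network, 192.168.32.130. Binding to this one address, rather than to every interface, keeps the proxy exposed only on the lab network.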
Next, click on “OK”.
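To confirm from the Kali side that the new listener is bound where the emulator can reach it, the following added example (not part of the original post) classifies how port 8080 is bound from `ss -ltn` output. The helper name classify_listener and the sample `ss` lines are constructed for illustration; on the live machine, run `ss -ltn | classify_listener 192.168.32.130 8080`.

```shell
#!/bin/sh
# Added example: classify how a proxy port is bound, from `ss -ltn` output.
# classify_listener is a hypothetical helper; all sample outputs are constructed.

# Usage: ss -ltn | classify_listener <ip> <port>
# Prints: specific | all-interfaces | loopback-only | not-listening
classify_listener() {
    awk -v ip="$1" -v port="$2" '
        $1 == "LISTEN" {
            la = $4
            gsub(/\[|\]/, "", la)        # drop IPv6 brackets
            sub(/^::ffff:/, "", la)      # unwrap IPv4-mapped form (common for Java listeners)
            if (!match(la, /:[0-9]+$/)) next
            addr = substr(la, 1, RSTART - 1)
            if (substr(la, RSTART + 1) != port) next
            if (addr == ip) specific = 1
            else if (addr == "*" || addr == "0.0.0.0" || addr == "::") all = 1
            else if (addr ~ /^127\./ || addr == "::1") loop = 1
        }
        END {
            if (specific)  print "specific"
            else if (all)  print "all-interfaces"
            else if (loop) print "loopback-only"
            else           print "not-listening"
        }'
}

# Constructed sample: only the default localhost listener (emulator cannot reach it).
SS_DEFAULT='State  Recv-Q Send-Q Local Address:Port      Peer Address:Port
LISTEN 0      128    0.0.0.0:22              0.0.0.0:*
LISTEN 0      50     [::ffff:127.0.0.1]:8080 *:*'

# Constructed sample: after adding the listener on the NAT address.
SS_LAB="$SS_DEFAULT
LISTEN 0      50     [::ffff:192.168.32.130]:8080 *:*"

# Constructed sample: listener bound to every interface instead.
SS_ALL='LISTEN 0      50     *:8080                  *:*'

for sample in "$SS_DEFAULT" "$SS_LAB" "$SS_ALL"; do
    printf '%s\n' "$sample" | classify_listener 192.168.32.130 8080
done
```

A result of `loopback-only` explains a proxy error on the Android side even when the Wi-Fi proxy settings are correct.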
Return to Android and open the browser. The following message should be displayed:
This is expected, since the Burp Suite certificate has not yet been installed. To install it, simply access the address http://192.168.32.130:8080 and click on “CA Certificate”:
If the download is not executed, click and hold the button so that the options menu is displayed, then simply click on “Save link”:
The certificate will be downloaded in the “Downloads” directory.
Use the file browser available on Android called “Files”:
Navigate to the Downloads directory where the file was stored, click on the icon on the left to select only the file as we will rename its extension:
Change the extension to .cer as shown in the image below and click on “OK”:
Return to the Wi-Fi network settings screen and click on “Wi-Fi Preferences”:
Expand the menu by clicking on the “Advanced” option and finally click on the “Install certificates” option:
Navigate using the file viewer to the “Download” directory and click on the certificate:
A new window will pop up asking for a name for the certificate; feel free to use any name:
If you have not configured a PIN or password, a window will be displayed:
Otherwise, you will only be asked for your password or PIN:
Once this is done, a message should quickly appear informing you that the certificate has been installed:
Now perform a test by accessing any domain:
Go back to the Kali machine window and check the traffic through Burp Suite:
If you have made it this far and all the steps have been carried out successfully, at this point you should have the laboratory fully functional and ready to be used.
Enjoy it and have fun!