Skip to content

Instantly share code, notes, and snippets.

@Zeik0s

Zeik0s/Instruction.md

Last active October 30, 2019 22:23
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save Zeik0s/e1dc7ce3fd9a036ba516b3a4c4b31c1f to your computer and use it in GitHub Desktop.
Save Zeik0s/e1dc7ce3fd9a036ba516b3a4c4b31c1f to your computer and use it in GitHub Desktop.
Download ZIP
Using Burp or any other TLS Intercepting Solution on rooted Android Devices
Raw
Instruction.md

Start Android Emulator with writable System Partition (skip if you're using a real Phone)

./emulator.exe -avd phone -writable-system

export Certificate to File

prepare Certificate with OpenSSL for Android, Burp normally uses a "DER" Type Certificate

certificate_name=$(openssl x509 -inform DER -subject_hash_old -in burp_certificate | head -1)

head extracts the first line from the Certificate, which will be the Name for the Android CA

mv burp_certificate $certificate_name.0

Certificate upload to Device

adb push $certificate_name.0 /sdcard

Use ADB as Root User

adb root adb shell

on the Phone:

mount -o rw,remount / # (or /system) mv CERTIFICATE_NAME /system/etc/security/cacerts chmod 0644 /system/etc/security/cacerts/CERTIFICATE_NAME

Intercepting should be possible!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment