v3rlly/install-ca-android-emulator.sh

## install-ca-android-emulator.sh
#!/bin/bash
#
# Install BurpSuite and Mitmproxy certificates on android emulator
# ref:
#		- https://docs.mitmproxy.org/stable/howto-install-system-trusted-ca-android/
#		- https://secabit.medium.com/how-to-configure-burp-proxy-with-an-android-emulator-31b483237053
#

# report errors
set -au;

# You can customize your android path here
export PATH=$PATH:$HOME/Android/Sdk/platform-tools;
export PATH=$PATH:$HOME/Android/Sdk/emulator;

# CA default path's
# 	ps: If the folder is empty or does not exist, run mitmproxy in order to generate the certificates
MITMPROXY_CA_PATH=$HOME/.mitmproxy/mitmproxy-ca-cert.cer;
#	ps: You can open `http://burp` in desktop browser and save to `/tmp/cacert.der`
BURPSUITE_CA_PATH=/tmp/cacert.der;

# Check if "everything" is okay
if ! command -v openssl 1>/dev/null;
then
	echo "openssl not found.";
	exit 1;
elif ! command -v emulator 1>/dev/null;
then
	echo "emulator not found.";
	exit 1;
elif ! command -v adb 1>/dev/null;
then
	echo "adb not found.";
	exit 1;
fi;


# Convert certificates to Android compatibility
# mitmproxy
hashed_name_mitmproxy=`openssl x509 -inform PEM -subject_hash_old -in $HOME/.mitmproxy/mitmproxy-ca-cert.cer | head -1`;
cp $HOME/.mitmproxy/mitmproxy-ca-cert.cer $hashed_name_mitmproxy.0;

# burp suite
openssl x509 -inform DER -in $BURPSUITE_CA_PATH -out cacert.pem;
hashed_name_burpsuite=`openssl x509 -inform PEM -subject_hash_old -in cacert.pem | head -1`;
mv cacert.pem $hashed_name_burpsuite.0;

echo "Mitmproxy certificate file: $hashed_name_mitmproxy.0";
echo "BurpSuite certificate file: $hashed_name_burpsuite.0";

# I make sure the script won't continue from here until I finish it completely
exit 0;

# Prepare device to receive certificate
# 1. In another terminal, open the desired AVD
# emulator -avd <avd_name_here> -writable-system;
# 2.
# adb root;
# adb shell avbctl disable-verification;
# adb reboot;
# adb root;
# adb remount;
# adb reboot;
# adb root;
# adb remount;

# Send certificates to device
# mitmproxy
adb push $hashed_name_mitmproxy /system/etc/security/cacerts;
adb shell chmod 664 /system/etc/security/cacerts/$hashed_name_mitmproxy;

# burp suite
adb push $hashed_name_burpsuite /system/etc/security/cacerts;
adb shell chmod 664 /system/etc/security/cacerts/$hashed_name_burpsuite;

# Restart device
adb reboot


####################################
# Note:
#	    You always have to start the emulator using the `-writable-system` option if you want to use your certificate.
# To start AVD with certificates and proxy:
#	    emulator -avd <avd_name_here> -writable-system -http-proxy 127.0.0.1:8080;
####################################
	#!/bin/bash
	#
	# Install BurpSuite and Mitmproxy certificates on android emulator
	# ref:
	# - https://docs.mitmproxy.org/stable/howto-install-system-trusted-ca-android/
	# - https://secabit.medium.com/how-to-configure-burp-proxy-with-an-android-emulator-31b483237053
	#

	# report errors
	set -au;

	# You can customize your android path here
	export PATH=$PATH:$HOME/Android/Sdk/platform-tools;
	export PATH=$PATH:$HOME/Android/Sdk/emulator;

	# CA default path's
	# ps: If the folder is empty or does not exist, run mitmproxy in order to generate the certificates
	MITMPROXY_CA_PATH=$HOME/.mitmproxy/mitmproxy-ca-cert.cer;
	# ps: You can open `http://burp` in desktop browser and save to `/tmp/cacert.der`
	BURPSUITE_CA_PATH=/tmp/cacert.der;

	# Check if "everything" is okay
	if ! command -v openssl 1>/dev/null;
	then
	echo "openssl not found.";
	exit 1;
	elif ! command -v emulator 1>/dev/null;
	then
	echo "emulator not found.";
	exit 1;
	elif ! command -v adb 1>/dev/null;
	then
	echo "adb not found.";
	exit 1;
	fi;


	# Convert certificates to Android compatibility
	# mitmproxy
	hashed_name_mitmproxy=`openssl x509 -inform PEM -subject_hash_old -in $HOME/.mitmproxy/mitmproxy-ca-cert.cer \| head -1`;
	cp $HOME/.mitmproxy/mitmproxy-ca-cert.cer $hashed_name_mitmproxy.0;

	# burp suite
	openssl x509 -inform DER -in $BURPSUITE_CA_PATH -out cacert.pem;
	hashed_name_burpsuite=`openssl x509 -inform PEM -subject_hash_old -in cacert.pem \| head -1`;
	mv cacert.pem $hashed_name_burpsuite.0;

	echo "Mitmproxy certificate file: $hashed_name_mitmproxy.0";
	echo "BurpSuite certificate file: $hashed_name_burpsuite.0";

	# I make sure the script won't continue from here until I finish it completely
	exit 0;

	# Prepare device to receive certificate
	# 1. In another terminal, open the desired AVD
	# emulator -avd <avd_name_here> -writable-system;
	# 2.
	# adb root;
	# adb shell avbctl disable-verification;
	# adb reboot;
	# adb root;
	# adb remount;
	# adb reboot;
	# adb root;
	# adb remount;

	# Send certificates to device
	# mitmproxy
	adb push $hashed_name_mitmproxy /system/etc/security/cacerts;
	adb shell chmod 664 /system/etc/security/cacerts/$hashed_name_mitmproxy;

	# burp suite
	adb push $hashed_name_burpsuite /system/etc/security/cacerts;
	adb shell chmod 664 /system/etc/security/cacerts/$hashed_name_burpsuite;

	# Restart device
	adb reboot


	####################################
	# Note:
	# You always have to start the emulator using the `-writable-system` option if you want to use your certificate.
	# To start AVD with certificates and proxy:
	# emulator -avd <avd_name_here> -writable-system -http-proxy 127.0.0.1:8080;
	####################################