Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Burp not capturing local Andriod network traffic

Doby | Last updated: Jul 17, 2021 11:36PM UTC

I'm trying to use Burp to capture traffic from my routers companion app. I've set up the listening port, installed the burp certificates system and client side and installed 'ProxyDriod' to isolate the traffic from the app of interest. In Burp I can see the traffic the app sends/receives remotely (i.e. through the internet) but I cannot see the traffic the app sends/receives locally (i.e between the andriod device and the router). The local traffic is sent through port 6699 which I believe is standard for nginx, the webserver used by the router. I know this communication is happening while using Burp because the app functions as normal, but for some reason it is not being picked up. Any ideas how I can see the local traffic?

Doby | Last updated: Jul 18, 2021 10:22AM UTC

I've since found out ProxyDriod targets ports 80 and 443 so it makes sense port 6699 is going undetected. I'll need to use a different proxy method, perhaps ADB.

Doby | Last updated: Jul 18, 2021 11:26PM UTC

ADB and manually setting iptables didn't work out so I'm now looking at ARP spoofing. I'm using a windows PC and found an executable to do the ARP spoof, it works. Using Wireshark I can see all the traffic from the Android device. How do I get that traffic into Burp? I've set up invisible proxies on ports I know are being used but nothing is showing up. I must be doing something wrong?

Uthman, PortSwigger Agent | Last updated: Jul 19, 2021 12:31PM UTC

Burp is an HTTP proxy so will only show you the HTTP requests/responses. Have you tried using the NoPE extension? - https://portswigger.net/bappstore/12e84399d46a408dbe970f181391f781 Wireshark serves a different purpose since it essentially captures all the packets. What type of traffic are you interested in Burp detecting?

Doby | Last updated: Jul 19, 2021 03:54PM UTC

It's local HTTP traffic between an Andriod app and a Router interface (the app is a companion app for the router i.e, shows connection status, speed, options). The app communicates on port TCP 6699 but whatever to interface with Burp I can only see traffic from the internet ports (80, 443). I'll take a look at the extension, thanks.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.