Burp Suite User Forum

Login to post

Can't intercept flutter application using burpsuite

vasantha | Last updated: Mar 27, 2023 06:06PM UTC

Hi Team, We are not able to intercept the flutter Application traffic in burp-suite. Questions: I) Is it possible to intercept traffic using? II) How can i intercept traffic using burp?

Ben, PortSwigger Agent | Last updated: Mar 28, 2023 09:44AM UTC

Hi Vasantha, My understanding is that applications developed using the Flutter framework do not adhere to the system proxy settings unless specifically developed to do so. Is it the case that the application that you are testing works but you simply see no traffic appearing within Burp when you are attempting to proxy the traffic? If so, this would seem to indicate that the above is the case. You might be able to use the ProxyDroid Android app to force all the traffic from the device to the Burp proxy via Iptables. The following article has some useful information regarding this: https://blog.nviso.eu/2019/08/13/intercepting-traffic-from-android-flutter-applications/

Dario | Last updated: Jul 20, 2023 02:13PM UTC

I believe the best technique is using NoPe extension, by simply Burp acting as DNS server and intercepting the https traffic????

You need to Log in to post a reply. Or register here, for free.