Burp Suite User Forum

Login to post

How to use burp with flutter based Android applications

kmskrishna | Last updated: Nov 05, 2019 01:07PM UTC

Any tips while pen-testing Flutter based Android apps? Since it ignores system proxy and user/system CA certificates you cannot use burp suite easily. I found a couple of blogs but they suggest patching etc. Is there any easy way? Here is the relevant info I found online. https://hackmd.io/@runicpl/flutter-android https://blog.nviso.be/2019/08/13/intercepting-traffic-from-android-flutter-applications/ https://orangewirelabs.wordpress.com/2019/06/04/bypassing-root-ca-checks-in-flutter-based-apps-on-android/ I am looking for an easy way to do this.

Liam, PortSwigger Agent | Last updated: Nov 05, 2019 01:10PM UTC

Thanks for following up. We're not aware of an easier way to do this than the suggestions in the blogs you have linked to. We have had experience with other users where the only solution was to hard code the proxy settings into the application. Please let us know if you need any further assistance.

You need to Log in to post a reply. Or register here, for free.