Burp Suite User Forum

Create new post

Not all Traffic is being intercepted between client and server

Richard | Last updated: Jun 17, 2018 12:03PM UTC

Hello I’m working on a game called Marvel Contest of Champions. Basically I want to intercept all the packets and traffic between the client and server such as server request/client response for example: If you want to start and finish a fight, a packet is sent to the server and vice versa. However when I do the standard Burp Suite intercepting I only get 3 packets, not all of the packets or traffic I need to be intercepted. Could it be the game is protected against proxy? Do I have to configure it somehow, because I don’t know how to. It is a unity game and before in earlier versions you could edit the .dll code to configure the game to run through a proxy but now you can’t. However it is possible as I have seen a guy do it with the latest version of the game and with Burp Suite. Is there way to break the protection in Burp Suite to catch all the packets and traffic between the client and the server instead of 3 packets? I just want to modify them. Any help would be nice =)

Liam, PortSwigger Agent | Last updated: Jun 18, 2018 08:23AM UTC

Which mobile device are you using to perform your testing? Have you tried using Burp Mobile Assistant? - https://portswigger.net/burp/help/mobile_testing_using_mobile_assistant

Burp User | Last updated: Jun 18, 2018 02:54PM UTC

Hello @Liam Tai-Hogan I’m using an android and IOS device and I have not tried using Burp Suite mobile assistant.

Liam, PortSwigger Agent | Last updated: Jun 19, 2018 07:46AM UTC

Try using the mobile assistant with your iOS device and let us know how you get on. Could you tell us a little more about your Android device and the OS?

Burp User | Last updated: Jun 19, 2018 04:23PM UTC

Hello the problem isn’t with my device it is that the application is secure and therefore I can’t get all the packets. It mainly uses https and http but I want the https packets but it doesn’t give them, is there a way to change https to http so the burp suite can intercept all of the packets?

Liam, PortSwigger Agent | Last updated: Jun 19, 2018 04:24PM UTC

Thanks for following up. Just to clarify, have you installed Burp's CA certificate in your devices? - https://support.portswigger.net/customer/portal/articles/1841109-installing-burp-s-ca-certificate-in-an-ios-device - https://support.portswigger.net/customer/portal/articles/1841102-installing-burp-s-ca-certificate-in-an-android-device If this is not working with the certificates correctly installed, we're not sure there is a way to change HTTPS to HTTP using Burp Suite that would be effective in this instance. Is it possible to contact your colleague to find out the process he used to proxy the application?

Burp User | Last updated: Jun 20, 2018 03:58PM UTC

Hello, i have installed Burp Suite’s CA certicate and have tried to contact my colleague but he is very vague on how he used to proxy the application. Maybe I need to change it in the app.

Burp User | Last updated: Aug 03, 2018 04:19PM UTC

It is impossible to sniff the packets of the game or decrypt them in the new v19.1 Update. Kabam have patched it:( it is more secure, and no longer lets you sniff packets without developer key:(

Burp User | Last updated: Dec 14, 2018 01:41PM UTC

Try this for iOS. https://www.theburpsuite.com/2018/12/intercepting-ios-applications-https.html

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.