Research Academy Daily Swig
My account Customers About Blog Careers Legal Contact

Burp Suite User Forum

Login to post

Unable to intercept with latest android device using Burpsuite

Muhammad | Last updated: Oct 11, 2020 07:15AM UTC

Hello, I am using the following links to install BP CA and configure proxy on Android device (OS 9/10) but can't see requests in burp suite. Please guide. https://portswigger.net/support/installing-burp-suites-ca-certificate-in-an-android-device https://portswigger.net/support/configuring-an-android-device-to-work-with-burp

Ben, PortSwigger Agent | Last updated: Oct 12, 2020 11:08AM UTC

Hi Muhammad, We have replied to the email that you also sent into us regarding this issue - it will be easier to communicate via that method as we can easily share screenshots and information regarding your specific setup.

Cody | Last updated: Oct 26, 2020 01:58PM UTC

That is unfortunate that the issue could not be discussed publicly, as I would love to see the developments on this issue as well and have not seen any official posts regarding Android 11. Using the option for "apps and VPNs," I receive an error that it is an invalid certificate. It will let me install it as a regular CA certificate, but it seems that does not allow it to intercept app traffic.

Ben, PortSwigger Agent | Last updated: Oct 27, 2020 03:19PM UTC

Hi Cody, For Android 7.0 and above you need to install the Burp CA certificate at the OS level on a rooted device - the way the certificate trust settings are managed were changed in that version so that user supplied certificates are no longer trusted. Having said that, i would expect to see connection errors being reported rather than an invalid certificate - are you able to confirm the complete error that you are seeing?

You need to Log in to post a reply. Or register here, for free.