TransWikia.com

BURP SSL connection failing on Genymotion Virtual Device - Android 8.0 API 26

Information Security Asked by qre0ct on December 26, 2021

Everything earlier used to work fine. However, recently I downloaded a newer virtual device on Genymotion, which is an Android 8.0 API 26. I have been struggling to get HTTPS traffic intercepted on this device. Some digging suggested that since Android Nougat things have changed with respect to the use of user installed CAs as trusted credentials. Further reading up landed me to this, quoted on multiple different forums as well, as a way to solve the problem.

Following the above link, although I have been able to successfully get the BURP cert installed as system CA (as in the screen shot below) I am still unable to intercept the traffic.
enter image description here

  1. Any help on what could be going wrong & how to get this done would be greatly appreciated.
  2. Strangely some of the https calls were getting intercepted, while with the others, like something as simple as opening https://www.google.com in chrome on the device throws the error in BURP logs as :

enter image description here

PS: SSL pinning does not seem to be a problem (or is it :thinking_face:) since I have bypassed that with some off-the-shelf xposed ssl unpinning modules.

PS: let’s say I need to use a Nougat, so using an older API/Android is not an option as a solution.

PS: My virtual box settings for the device have 3 connected interfaces (host only, NAT & bridged)

EDIT 1

I am now able to intercept app traffic. I actually did not change anything, other than restart the Genymotion virtual device & apply ssl unpin once again on the respective app/s.

But I am still unable to intercept any traffic from Google Chrome app or Firefox lite or even Web View browser on Nougat!

I am able to intercept implicit calls being made by Firefox lite browser to the host incoming.telemetry.mozilla.org but not the search query itself. What is going on??

Add your own answers!

Ask a Question

Get help from others!

© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP