Search code examples
androidinterceptburp

Burpsuite failed to capture/intercept some request on Android

After setting up my device with Burpsuite. Im able to capture and intercept request from the mobile browser (Chrome) and only "some request" from my application. I wonder why are some request can't be capture in the HTTP history?

**Note that after setting up the proxy in wifi, my device is showing LIMITED CONNECTION. However I can still have access to internet when surfing website in Mobile Chrome, but some apps (Youtube, Facebook) is totally losing internet access.

Is that the reason why some of my request can't be capture?

Setup works including:

  1. IP:proxy
  2. cacert installation (VPN & APPS) + (WIFI)

Some info

  1. Im using 8082 proxy
  2. Android 10

Update 1

After some debugging, I found out that my application is returning Network Error while firing some requests (those which failed to capture). Though this could be the reasoning of CACERT / proxy set, but I still expect the http request to be appear in burp? Why is not appearing?

Solution

  • Finally able to resolved my issue with the following solution (Credit to the post here)! You'll need to modify/create the following files:

    AndroidManifest.xml

    • Append the following line within <application>
    <application
...
.....
android:networkSecurityConfig="@xml/network_security_config">

    network_security_config.xml

    • Create or append the <trust-anchors>
    <network-security-config>
      <base-config cleartextTrafficPermitted="true">>
            <trust-anchors>
                <!-- Trust preinstalled CAs -->
                <certificates src="system" />
                <!-- Additionally trust user added CAs -->
                <certificates src="user" />
           </trust-anchors>
      </base-config>
 </network-security-config>

    Reason being, changes to Trusted Certificate Authorities in Android Nougat. Read more here

    Seems that, there are also some similar suggestions in other post which I have missed.

    Something to take note:

    Even the APIs are working now in app, but there are still some services within the app doesn't work as expected. In my case it is Codepush.

    [CodePush] An unknown error occurred. [CodePush] Unexpected status line: HTTP/2 200 OK

    However . . .

    Though the solution above resolved my issue, yet it doesn't really answer my doubt. Why in the first place another API (this working API is from different service) works without implementing the solution?

    Appreciate if one could shed some light. Thanks!