Back to Top

Configure Android Device With BurpSuite

Updated 10 January 2020

Burpsuite is a java based Web Penetration Testing Framework. It will help you to identify vulnerabilities and verify attacks vectors that are affecting web applications. Burpsuite can be configured with Desktop as well as Android mobiles. Through Burpsuite, QA can penetrate web applications on android devices.

To test a web application using the Android device need to configure Burp Proxy Listener to accept the connection on all network interfaces, and then connect both your mobile devices and your computer to the same Wireless network.

Burpsuite Proxy Listener Configuration

In the Burpsuite, Click on the “Proxy” tab and then click on the “Option” tab. Under the Proxy Listeners, click on the “Add” button.

proxy-configured

Under the “Binding” tab, in the “Bind to port” text field enter a port number that is not currently in use. Then select the “All interfaces” radio button and click on the “OK” button.

Start your headless eCommerce
now. Find out More
Add-Port-1

Configure Android Device

In the device, go to “Settings” menu

Android_settings

Go to WiFi section and Enable the WiFi

enableWifi

In the “Wi-Fi networks” table, find your network and tap it to bring up the connection menu.

WiFi_table-1

Tap “Connect”, Enter the password and continue.

Password

Once you are connected hold down on the network button to bring up the context menu. Tap “Manage Network Setting”.

network_modify

Select the “Show Advanced Options” which will show the IP settings. After that go to the Proxy and select “Manual” option.

Proxy_manual-1

Then enter the IP of the computer running Burp into the “Proxy host name”. Enter the port number configured in the “Bind to Port” earlier under the Proxy Listener in burp, For example, “8082”.

hostname

Check The Configuration

In the Burpsuite, go to Proxy Tab and switch ON the “Intercept button” if the intercept is in Off state.

Interceptenable

Open the Browser in your application and enter HTTP web page URL and then check the request in the burp suite.

Note: For HTTPS web page, need to install burp’s CA certificate in your device

httpurl

The request has been intercepted in the burpsuite tool.

intercept

Burp Suite Installation for Mozilla Firefox: https://webkul.com/blog/burp-suite-installation-process-for-mozilla-firefox/

author-thumb
Virendra 2 Badges
. . .

Comments

Leave a Comment

Your email address will not be published. Required fields are marked*


2 comments

  • You know my ip 4 years ago
    mobile inbuilt application not working put that stuff though i
    Reply
    • Virendra (Moderator) 4 years ago
      Hello There
      Thanks for showing interest in our Blog Post,

      This issue may occur because of mismatch of PROXY PORT and PROXY HOSTNAME. The mobile must running on same network on which burpsuite is running. You need to add CA certificate in your mobile browser if working on https.

      Thanks & Regards
      Webkul Team

      Reply
    • Back to Top

    Start a Project




      Message Sent!

      If you have more details or questions, you can reply to the received confirmation email.

      Back to Home