Skip to main content

Burp Suite

In this guide, we'll be setting up a Corellium Android virtual device with the popular proxy tool, Burp Suite. We'll be using a Mac with Burp Suite Community Edition 2020 and a virtual Android 11 device.

Before you get started, quickly make sure that you've downloaded the Open VPN file for your virtual device and that you're connected to VPN using that profile. If you haven't already, follow the Corellium VPN article.

Configure Burp

  1. Navigate to the "Proxy" tab in Burp, and then select "Options.". Click on the current interface, and click Edit.

Burp proxy tab

  1. In the popup that appears, select the option for "All Interfaces.". Then, click OK - here, take note of the port number (8080) as well as the VPN IP Address (10.11.3.2). We'll need these later when we configure the APN settings on the Virtual Machine. If you want to check that the IP Address is accurate, you can quickly run ifconfig in the Terminal to validate it.

edit proxy listerner

  1. Then, select Yes for "Listen on all interfaces,"

listen for all

  1. Then, Allow on "Accept all incoming network connections."

confirmation dialog

CA Certificates

  1. On the same Proxy -> Options screen, click Import / export CA certificate.

click import/export cert

  1. Select the option for "Certificate in DER format". Then, click Next.

der certificate format

  1. Name the certificate "BurpCA.cer" and save it to your Desktop.

  2. Then, switch over to your Corellium virtual device screen and go to the Files tab. Then, navigate to the mnt -> sdcard -> Download folder, and click UPLOAD. Upload the BurpCa.cer.

files path

  1. Swipe up on the virtual device's screen, then select the Settings app

swipe up

  1. In Settings, go to Security -> Encryption and credentials -> Install a certificate -> CA certificate. Then, click Install Anyway.

click install anyway

  1. Here, click the top-left menu icon, and select Downloads. Then, select the certificate.

Configure APN

  1. Navigate back to the Settings app home page and select Network and internet -> Mobile Network -> Advanced -> Access Point Names. Then, click the network.

settings app page

  1. Here, enter the IP Address and port from Step 2 of Configure Burp in the Proxy field and port fields respectively, click the menu icon in the top right, then click Save.

enter port and proxy

Troubleshooting

If you have set up your proxy and are not able to see traffic, try closing and restarting your VPN session. Ensure that you can ping the IP address from the virtual device console.

Remember, you may not be able to reach HTTPS websites without proper trust certificates installed.

If the issue persists, contact your network administrator to determine if any local network configurations may be blocking or interfering with the virtual device network.

Validate

To validate that Burp Suide is intercepting traffic, do a quick web search in the virtual device's Webview. You will see the request in Burp, and then as you forward the request, you will see the device respond.

That's all there is to it! Thank you for taking the time to read this, and happy virtualizing!

Burp Suite For Non-Jailbroken iOS Devices

  1. Make sure that you've downloaded the Open VPN file for your virtual device and that you're connected to VPN using that profile.

Note: A VPN connection is only needed when using Corellium cloud services. On-site clients do not require a VPN connection (assuming they have network connectivity to the Corellium VMs).

  1. Edit the proxy listener in Burp Suite to listen on the VPN client IP and choose "All interfaces."

Listen on All Interfaces

  1. Export your certificate in Burp Suite and choose "Certificate in DER format" option.

Export the certificate

  1. We need to get the certificate on the vm. You can do this by mailing the certificate to yourself then open the VM browser and log in to the email which you sent the cert to. In your email, click on the certificate to download it on the device.

  2. After downloading the certificate on the device, navigate to Settings > General > VPN & Device Management. You should see the PortSwigger CA certificate; click on the certificate to install it.

Install Burp Cert

  1. We now need to trust the certificate we downloaded. Navigate to General > About > Certificate Trust Settings and enable the PortSwigger CA certificate.

enable the cert

  1. For the next step, we will configure the HTTP proxy on the device. Using the VPN client IP as the server and 8080 as the port.

set up the proxy

You can now start intercepting traffic.

Intercept the Traffic

Burp Suite for Jailbroken iOS devices

For jailbroken iOS devices the process is a lot simpler, no need to install a certificate on the device in order to start intercepting traffic. If you would still like to install the burp certificate on the device, you can follow the instructions outlined in steps 3-6 of the "Burp Suite For Non-Jailbroken iOS Devices" portion of this document.

  1. Make sure that you've downloaded the Open VPN file for your virtual device and that you're connected to VPN using that profile.

Note: A VPN connection is only needed when using Corellium cloud services. On-site clients do not require a VPN connection (assuming they have network connectivity to the Corellium VMs).

  1. Edit the proxy listener in Burp Suite to listen on the VPN client IP and choose "All interfaces."

Listen on All Interfaces

  1. Configure the HTTP proxy on the device. Using the VPN client IP as the server and 8080 as the port.

Configure jailbroken proxy

You can now start intercepting traffic.

Intercept jailbroken traffic