Created
May 27, 2020 22:04
-
-
Save antojoseph/33f4d53ff18f7ceeb84e6964fc639076 to your computer and use it in GitHub Desktop.
Intercept SSL traffic on Android 9.0
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| export burpsuite/proxy certificate | |
| install cert on android device | |
| su and remount system as rw : mount -o rw,remount,rw /system | |
| find installed cert here /data/misc/keystore/user_0 | |
| verify with openssl x509 -in cert.cer -inform der -text | |
| copy cert from /data/misc/user/0/cacerts-added/cert.0 to /system/etc/security/cacerts/ | |
| Tip : null out /data/misc/keychain/pins to remove any ssl pins made by Android |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment