Last active
July 27, 2022 21:04
-
-
Save v3rlly/0aa4fe46f0dd277d6a4f39a4d1ca025d to your computer and use it in GitHub Desktop.
Install BurpSuite and Mitmproxy certificates on android emulator API LEVEL > 28
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # | |
| # Install BurpSuite and Mitmproxy certificates on android emulator | |
| # ref: | |
| # - https://docs.mitmproxy.org/stable/howto-install-system-trusted-ca-android/ | |
| # - https://secabit.medium.com/how-to-configure-burp-proxy-with-an-android-emulator-31b483237053 | |
| # | |
| # report errors | |
| set -au; | |
| # You can customize your android path here | |
| export PATH=$PATH:$HOME/Android/Sdk/platform-tools; | |
| export PATH=$PATH:$HOME/Android/Sdk/emulator; | |
| # CA default path's | |
| # ps: If the folder is empty or does not exist, run mitmproxy in order to generate the certificates | |
| MITMPROXY_CA_PATH=$HOME/.mitmproxy/mitmproxy-ca-cert.cer; | |
| # ps: You can open `http://burp` in desktop browser and save to `/tmp/cacert.der` | |
| BURPSUITE_CA_PATH=/tmp/cacert.der; | |
| # Check if "everything" is okay | |
| if ! command -v openssl 1>/dev/null; | |
| then | |
| echo "openssl not found."; | |
| exit 1; | |
| elif ! command -v emulator 1>/dev/null; | |
| then | |
| echo "emulator not found."; | |
| exit 1; | |
| elif ! command -v adb 1>/dev/null; | |
| then | |
| echo "adb not found."; | |
| exit 1; | |
| fi; | |
| # Convert certificates to Android compatibility | |
| # mitmproxy | |
| hashed_name_mitmproxy=`openssl x509 -inform PEM -subject_hash_old -in $HOME/.mitmproxy/mitmproxy-ca-cert.cer | head -1`; | |
| cp $HOME/.mitmproxy/mitmproxy-ca-cert.cer $hashed_name_mitmproxy.0; | |
| # burp suite | |
| openssl x509 -inform DER -in $BURPSUITE_CA_PATH -out cacert.pem; | |
| hashed_name_burpsuite=`openssl x509 -inform PEM -subject_hash_old -in cacert.pem | head -1`; | |
| mv cacert.pem $hashed_name_burpsuite.0; | |
| echo "Mitmproxy certificate file: $hashed_name_mitmproxy.0"; | |
| echo "BurpSuite certificate file: $hashed_name_burpsuite.0"; | |
| # I make sure the script won't continue from here until I finish it completely | |
| exit 0; | |
| # Prepare device to receive certificate | |
| # 1. In another terminal, open the desired AVD | |
| # emulator -avd <avd_name_here> -writable-system; | |
| # 2. | |
| # adb root; | |
| # adb shell avbctl disable-verification; | |
| # adb reboot; | |
| # adb root; | |
| # adb remount; | |
| # adb reboot; | |
| # adb root; | |
| # adb remount; | |
| # Send certificates to device | |
| # mitmproxy | |
| adb push $hashed_name_mitmproxy /system/etc/security/cacerts; | |
| adb shell chmod 664 /system/etc/security/cacerts/$hashed_name_mitmproxy; | |
| # burp suite | |
| adb push $hashed_name_burpsuite /system/etc/security/cacerts; | |
| adb shell chmod 664 /system/etc/security/cacerts/$hashed_name_burpsuite; | |
| # Restart device | |
| adb reboot | |
| #################################### | |
| # Note: | |
| # You always have to start the emulator using the `-writable-system` option if you want to use your certificate. | |
| # To start AVD with certificates and proxy: | |
| # emulator -avd <avd_name_here> -writable-system -http-proxy 127.0.0.1:8080; | |
| #################################### |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment