Skip to main content

Burp Suite

In this guide, we'll be setting up a Corellium Android virtual device with the popular proxy tool, Burp Suite. We'll be using a Mac with Burp Suite Community Edition 2020 and a virtual Android 11 device.

Before you get started, quickly make sure that you've downloaded the Open VPN file for your virtual device and that you're connected to VPN using that profile. If you haven't already, follow the Corellium VPN article.

Burp Suite for Android Devices

Configure Burp

  1. Navigate to the "Proxy" tab in Burp, and then select "Options.". Click on the current interface, and click Edit.

    Burp Suite 1

  2. In the popup that appears, select the option for "All Interfaces.". Then, click OK - here, take note of the port number (8080) as well as the VPN IP Address (10.11.3.2). We'll need these later when we configure the APN settings on the Virtual Machine. If you want to check that the IP Address is accurate, you can quickly run ifconfig in the Terminal to validate it.

    Burp Suite 3

  3. Then, select Yes for "Listen on all interfaces."

    Burp Suite 4

  4. Then, Allow on "Accept all incoming network connections."

    confirmation dialog

CA Certificates

  1. On the same Proxy -> Options screen, click Import / export CA certificate.

    Burp Suite 5

  2. Select the option for "Certificate in DER format". Then, click Next.

    Burp Suite 6

  3. Name the certificate "BurpCA.cer" and save it to your Desktop.

    Burp Suite 7 Burp Suite 8

  4. Then, switch over to your Corellium virtual device screen and go to the Files tab. Then, navigate to the mnt -> sdcard -> Download folder, and click UPLOAD. Upload the BurpCa.cer.

    Burp Suite 2

  5. Swipe up on the virtual device's screen, then select the Settings app.

    Burp Suite 9

  6. In Settings, go to Security -> Encryption and credentials -> Install a certificate -> CA certificate.

    Burp Suite 10

  7. Click Install Anyway.

    Burp Suite 11

  8. Here, click the top-left menu icon, and select Downloads. Then, select the certificate.

    Burp Suite 12

Configure APN

  1. Navigate back to the Settings app home page and select Network and Internet -> Mobile Network -> Advanced -> Access Point Names. Then, click the network.

    Burp Suite 13

  2. Here, enter the IP Address and port from Step 2 of Configure Burp in the Proxy field and port fields respectively, click the menu icon in the top right, then click Save.

    Burp Suite 14

Troubleshooting

If you have set up your proxy and are not able to see traffic, try closing and restarting your VPN session. Ensure that you can ping the IP address from the virtual device console.

Remember, you may not be able to reach HTTPS websites without proper trust certificates installed.

If the issue persists, contact your network administrator to determine if any local network configurations may be blocking or interfering with the virtual device network.

Validate

To validate that Burp Suide is intercepting traffic, do a quick web search in the virtual device's Webview. You will see the request in Burp, and then as you forward the request, you will see the device respond.

That's all there is to it! Thank you for taking the time to read this, and happy virtualizing!

Burp Suite For Non-Jailbroken iOS Devices

  1. Make sure that you've downloaded the Open VPN file for your virtual device and that you're connected to VPN using that profile.

Note: A VPN connection is only needed when using Corellium cloud services. On-site clients do not require a VPN connection (assuming they have network connectivity to the Corellium VMs).

  1. Edit the proxy listener in Burp Suite to listen on the VPN client IP and choose "All interfaces."

    Burp Suite 3

  2. Export your certificate in Burp Suite and choose "Certificate in DER format" option.

    Burp Suite 6

  3. We need to get the certificate on the VM. You can do this by mailing the certificate to yourself then open the VM browser and log in to the email which you sent the cert to. In your email, click on the certificate to download it on the device.

  4. After downloading the certificate on the device, navigate to Settings > General > VPN & Device Management. You should see the PortSwigger CA certificate; click on the certificate to install it.

    Install Burp Cert

  5. We now need to trust the certificate we downloaded. Navigate to General > About > Certificate Trust Settings and enable the PortSwigger CA certificate.

    enable the cert

  6. For the next step, we will configure the HTTP proxy on the device. Using the VPN client IP as the server and 8080 as the port.

    Burp Suite 15 Burp Suite 16

  7. You can now start intercepting traffic.

    Intercept the Traffic

Burp Suite for Jailbroken iOS Devices

For jailbroken iOS devices the process is a lot simpler, no need to install a certificate on the device in order to start intercepting traffic. If you would still like to install the burp certificate on the device, you can follow the instructions outlined in steps 3-6 of the "Burp Suite For Non-Jailbroken iOS Devices" portion of this document.

  1. Make sure that you've downloaded the Open VPN file for your virtual device and that you're connected to VPN using that profile.

Note: A VPN connection is only needed when using Corellium cloud services. On-site clients do not require a VPN connection (assuming they have network connectivity to the Corellium VMs).

  1. Edit the proxy listener in Burp Suite to listen on the VPN client IP and choose "All interfaces."

    Burp Suite 3

  2. Configure the HTTP proxy on the device. Using the VPN client IP as the server and 8080 as the port.

    Burp Suite 15 Burp Suite 16

  3. You can now start intercepting traffic.

    Intercept jailbroken traffic