How to sniff HTTPS from Android app

Requirements

  1. Rooted device with ProxyDroid installed.
  2. “Computer” with Burp installed.

Let’s start

Launch Burp from your computer.

Proxy -> Options -> Proxy Listeners

Uncheck current “running” proxy, the Add a new Proxy Listener.

Choose:

  • Bind to port: 8080
  • Bind to address: All interfaces

Selection_010

From the button below, export CA certificate in DER format.

Now change the file extension into .cer and push it in a user-browsable folder on your device. E.g.: I connected the device to the computer and I used adb.

mv burpcert.der burpcert.cer
adb push burpcert.cer /sdcard/Download

While you’re there, take note of your ip address (in this example I’ll use 192.168.1.69).

Device configuration

Settings -> Security -> Install certificates from storage

Select the pushed .cer certificate (obviously), and give it a name.

You’ll be warned that your traffic  may be monitored (obviously).

Install ProxyDroid.

Configure:

  • Host: your pc address
  • Port: 8080
  • Proxy Type: HTTP (no HTTPS, I’m sure!)

I suggest to choose, under Feature Settings, the Individual Proxy configuration so that you can choose only the app of which do you want to sniff the traffic.

Enable Proxy Droid and enjoy.

Install tor on Ubuntu 15.10

From command line:

sudo gedit /etc/apt/sources.list.d/tor.list

in this file write those lines:

deb http://deb.torproject.org/torproject.org wily main
deb-src http://deb.torproject.org/torproject.org wily main

save, then run:

gpg --keyserver keys.gnupg.net --recv 886DDD89
gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | sudo apt-key add -
sudo apt-get update
sudo apt-get install tor deb.torproject.org-keyring

Now you can find a folder named “tor-browser_en-US” in your home folder that contains the Tor Browser.

It comes with readily configured Tor and a browser patched for better anonymity.

 

Enable HDMI audio Debian-Ubuntu

You plug the HDMI, the video works but you have no audio. Ok, go on.

PulseAudio is a sound system for POSIX OSes, meaning that it is a proxy for your sound applications. It allows you to do advanced operations on your sound data as it passes between your application and your hardware. Things like transferring the audio to a different machine, changing the sample format or channel count and mixing several sounds into one are easily achieved using a sound server. PulseAudio is an integral part of all relevant modern Linux distributions and used in various mobile devices by multiple vendors. PulseAudio is an integral part of all relevant modern Linux distributions and used in various mobile devices by multiple vendors.

List name or index number of possible sinks:

pacmd list-sinks

you should see a “*” near the index of the sink actually in use.

If you see only one sink you are in trouble, the system doesn’t recognize the device. Search away!

Otherwise connect the HDMI, take an mp3 and try:

pacmd set-default-sink sinkIndex
pulseaudio -k
pacmd set-default-sink -D

varying the value of sinkIndex using the values found with  pacmd list-sinks but be careful to close the program that you use to play the mp3.

Update Nexus without losing data

Depend on several things OTA updates fails on your rooted devices or you want to manually  upgrade your android.

Download the factory image of your Nexus from:

https://developers.google.com/android/nexus/images

Extract the archive and edit the flash-all file (.bat if you are under Windows or .sh if you are under Linux).

 

You have to remove the “-w” option from the command on line 23:

fastboot -w update image-....

It will become:

fastboot update image-.....

Reboot in fastboot mode with:

 adb reboot bootloader

And then you can run the flash-all script.