Tuesday, November 23, 2010

iPhone + Burp

This is one of those things that is super simple and I figure most folks have already done or know how to do. There may be a few people out there whose time I save with this post. Who knows. Lets get on with it.

Just as with the Droid apps, when an untrusted certificate (Burp) shows up for an app requiring SSL/TLS, the app crashes and burns. The best way (same as Droid) to fix this is to import Burp as a trusted Certificate Authority (CA).

Why would we want to do this? Apps on mobile phones are cool but some would argue the web-services the apps are communicating with can be even juicier. We'd like to intercept the communication to the web-services and play around a bit.

You'll need to export the Burp Certificate, I usually open Firefox, set the browser to run thru Burp, view the certificate, export the certificate. Much like this.........





Browse to https://twitter.com (while proxying thru Burp)


"Get Certificate"




Select PortSwigger's cert




Save Certificate with a .cer extension (.cer is what the iPhone recognizes)



Start a web server to host the PortSwiggerCA.cer 




Browse to the location of the PortSwigger.cer file




The iPhone detects .cer, asks you to install as a CA, do it :-)




WiFi configuration, click the blue arrow on the right of your network




  Configure with Burp's IP & Proxy


Hopefully that was easy enough to follow along. Now you can proxy your iPhone apps thru Burp.

~Happy Hacking

4 comments:

  1. I have followed all the different step.
    But when I'am adding PortSwigger CA to my iPad, I don't see the green "Trusted" but a red "Untrusted".
    Any idea ?
    Thanks for this article.

    ReplyDelete
  2. Typically it says Untrusted prior to you clicking the install button. Once you install, it should become trusted.

    ReplyDelete
  3. It was supposed to be widespreaded as you mentioned, but I didnt know that, and I appreciate your post. The following link has a content that makes the certificate setup easier: http://stackoverflow.com/questions/2313987/iphone-install-certificate-for-ssl-connection

    Thanks!

    "I've found the best way is to do the following: 1) Use your desktop browser to save the certificate locally. 2) Write an email to yourself and include the cert as an attachment 3) Read the email on your iOS device 4) Open the cert using the iOS mail app. This will install it on your device."

    ReplyDelete
  4. Make sure you have the Burp proxy set to "use a self-signed certificate" before exporting from the browser.

    ReplyDelete