# Burpsuite Proxy Setup for Android

## Burpsuite Initialization

First open burpsuite and follow the below mentioned steps to make the burpsuite proxy available to the emulated device.

<figure><img src="https://808790781-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F7mqWWcMJ2puXtqlIgHfA%2Fuploads%2FD0Q7oIgu8HooCAjadFiu%2FUntitled.png?alt=media&#x26;token=22c2dac6-f345-4fc0-92ca-caabdc520dd8" alt=""><figcaption></figcaption></figure>

## Proxy Configuration in Burpsuite

Next add your machines IP address and bind it to port 8080.

<figure><img src="https://808790781-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F7mqWWcMJ2puXtqlIgHfA%2Fuploads%2FKK8C8d1wl1LORx6hIVcT%2FUntitled%201.png?alt=media&#x26;token=6d10c727-e2fc-4af2-91e3-e03fa9a0cd99" alt=""><figcaption></figcaption></figure>

After performing the above process successfully, you should see your machine’s IP listed in the proxy listeners tab like this:

<figure><img src="https://808790781-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F7mqWWcMJ2puXtqlIgHfA%2Fuploads%2FfS1EZMJ8NJERD2nKK7MB%2FUntitled%202.png?alt=media&#x26;token=24459e26-f522-4b0a-839a-c612ad36c939" alt=""><figcaption></figcaption></figure>

## Downloading CA Certificate

Next open a browser, connect to burp proxy \[ Check this article to learn about how to connect to burp proxy: <https://null-byte.wonderhowto.com/how-to/use-burp-foxyproxy-easily-switch-between-proxy-settings-0196630/> ] and download the burpsuite certificate to intercept secure requests.

Go to the following address in the browser that is connected to burp proxy: <http://burp/> and download the certificate.

<figure><img src="https://808790781-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F7mqWWcMJ2puXtqlIgHfA%2Fuploads%2Fx3i0hD1uzV5MjVH2qxwH%2FUntitled%203.png?alt=media&#x26;token=ace4d1ed-644c-46a2-b99b-147342a52dd0" alt=""><figcaption></figcaption></figure>

## Installing the Certificate on Android

After downloading the certificate, open the downloaded folder keep it adjacent to the android emulator, then drag and drop the certificate to the android device.

{% hint style="info" %}
Rename `cacert.der` to `cacert.pem`, since android accepts only `pem` extension.
{% endhint %}

<figure><img src="https://808790781-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F7mqWWcMJ2puXtqlIgHfA%2Fuploads%2FMYRv1uY2gZUzcfn3ijZx%2FUntitled%204.png?alt=media&#x26;token=b10327b2-629c-4d21-8bc1-d39eb753a01d" alt=""><figcaption></figcaption></figure>

Now go to the android settings and search for Install Certificates and click it.

<figure><img src="https://808790781-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F7mqWWcMJ2puXtqlIgHfA%2Fuploads%2FMNz2LiU5Xe9sfE9zBVNe%2FUntitled%205.png?alt=media&#x26;token=edf4da8e-b98b-44ec-a059-0a9f4480b7ba" alt=""><figcaption></figcaption></figure>

Now press the install certificates:

<figure><img src="https://808790781-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F7mqWWcMJ2puXtqlIgHfA%2Fuploads%2FACUadf2UfMjYmqQc5y9w%2FUntitled%206.png?alt=media&#x26;token=d785303b-d133-4bf0-ba1f-67512d71b3f3" alt=""><figcaption></figcaption></figure>

Now locate the `cacert.pem` file which will be available in

`Internal Storage` → `Download` and click on it.

## Setting up Proxy on Android Emulator

After the successful installation of certificate, we have to setup the proxy to make the requests intercept by burpsuite.

To do that follow the below steps:

{% hint style="info" %}
I am using android studio to and avd to emulate the android device. Based on the emulator you are using the steps may defer. Kindly refer the preferred steps for setting up proxy according to your emulator.
{% endhint %}

First click on the three dots on the right panel.

<figure><img src="https://808790781-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F7mqWWcMJ2puXtqlIgHfA%2Fuploads%2FefXgz48pRnhdogiM1ZYX%2FUntitled%207.png?alt=media&#x26;token=2a08492c-cbcf-4612-889b-d0fbe959faaa" alt=""><figcaption></figcaption></figure>

Now in the popped up window setup the manual proxy configuration to you machines IP address and click apply.

<figure><img src="https://808790781-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F7mqWWcMJ2puXtqlIgHfA%2Fuploads%2FpRUibWFUlN1KPRy0q5fE%2FUntitled%208.png?alt=media&#x26;token=79b7fb55-8daa-4297-a5b6-383b2a2d3c6c" alt=""><figcaption></figcaption></figure>

## Verifying the Proxy Setup

Now to check whether the proxy is working, go to burpsuite and set Intercept on.

<figure><img src="https://808790781-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F7mqWWcMJ2puXtqlIgHfA%2Fuploads%2FnJqBWY6tC5pGOTtl9fHx%2FUntitled%209.png?alt=media&#x26;token=cf2af303-62ad-4701-b2ec-ed92efcf4f58" alt=""><figcaption></figcaption></figure>

Now in the android device google for something.

<figure><img src="https://808790781-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F7mqWWcMJ2puXtqlIgHfA%2Fuploads%2F46AhGpt97w8RhSkhdgS7%2FUntitled%2010.png?alt=media&#x26;token=9b603e83-ebaf-475c-99a0-c04eb28feca1" alt=""><figcaption></figcaption></figure>

you can see that the request is not loading. Now check burpsuite.

<figure><img src="https://808790781-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F7mqWWcMJ2puXtqlIgHfA%2Fuploads%2F1tDr0r8iDYKnxQk9NIfP%2FUntitled%2011.png?alt=media&#x26;token=0b86c226-a858-4a1c-8155-6d30e5195316" alt=""><figcaption></figcaption></figure>

You can see that the request in intercepted.