Just as with the Droid apps, when an untrusted certificate (Burp) shows up for an app requiring SSL/TLS, the app crashes and burns. The best way (same as Droid) to fix this is to import Burp as a trusted Certificate Authority (CA).
Why would we want to do this? Apps on mobile phones are cool but some would argue the web-services the apps are communicating with can be even juicier. We'd like to intercept the communication to the web-services and play around a bit.
You'll need to export the Burp Certificate, I usually open Firefox, set the browser to run thru Burp, view the certificate, export the certificate. Much like this.........
Browse to https://twitter.com (while proxying thru Burp)
"Get Certificate"
Select PortSwigger's cert
Save Certificate with a .cer extension (.cer is what the iPhone recognizes)
Start a web server to host the PortSwiggerCA.cer
Browse to the location of the PortSwigger.cer file
The iPhone detects .cer, asks you to install as a CA, do it :-)
WiFi configuration, click the blue arrow on the right of your network
Configure with Burp's IP & Proxy
~Happy Hacking
I have followed all the different step.
ReplyDeleteBut when I'am adding PortSwigger CA to my iPad, I don't see the green "Trusted" but a red "Untrusted".
Any idea ?
Thanks for this article.
Typically it says Untrusted prior to you clicking the install button. Once you install, it should become trusted.
ReplyDeleteIt was supposed to be widespreaded as you mentioned, but I didnt know that, and I appreciate your post. The following link has a content that makes the certificate setup easier: http://stackoverflow.com/questions/2313987/iphone-install-certificate-for-ssl-connection
ReplyDeleteThanks!
"I've found the best way is to do the following: 1) Use your desktop browser to save the certificate locally. 2) Write an email to yourself and include the cert as an attachment 3) Read the email on your iOS device 4) Open the cert using the iOS mail app. This will install it on your device."
Make sure you have the Burp proxy set to "use a self-signed certificate" before exporting from the browser.
ReplyDelete