I've been doing some mobile pentesting for a client and wanted to get stuck into some Network Analysis. I have jailbroken an iPhone & disabled SSL pinning, as well as configured Burp to intercept HTTP requests through Safari.
However, BurpSuite fails to intercept any traffic on the third-party app. After reviewing some scans, I can see the App uses ATS which I presume is my hindrance.
So my question is: How can I intercept traffic on Applications using ATS if it is at all possible?
Would appreciate some guidance.
Related
I have a web application (hobby project) with a chat function that is implemented with Express.js and socket.io.
Everything works fine on PC and on Android phones, but as soon as you connect with an Apple device, there will be problems since it seems that no websocket connection can be established between the server and the Apple device.
After a bit of googling I found this page:
https://socket.io/docs/v4/troubleshooting-connection-issues/?fbclid=IwAR2XeuehqJkkgFoshFKSVN7sz4UUfWkZ0CPYmsWnqXm-0Q17iVC3dRDyEEI#problem-the-socket-is-stuck-in-http-long-polling
I have limited abilities to troubleshoot on the client side since we do not have a Mac but I followed the troubleshooting that they recommend for the server side. When you connect with an Apple device, it seems that the event "upgrade" is never triggered and you therefore have to settle with HTTP Polling instead of web socket, which does not provide a good user experience.
I have got a certificate from Lets Encrypt and am using HTTPS to access the webpage. I have also tried with several different browsers on the Apple devices.
Anyone have an idea why you can not create a web socket connection with Apple devices and what you could do about it?
Feeling a bit lost and would love some help!
I am testing an application from iPad and using Burpsuite to capture the traffic. But, in that case, I was not able to capture the following requests for that application:
Login Request
Two Factor Authentication Request
Video Search Request in application
Video Play request in application
How can I capture above mentioned requests ?
(NOTE: I was able to capture some simple GET and POST requests of that application.)
Have you installed the Burp Certificate? If not, use these instructions.
If you have, it's likely that this application uses certificate pinning. There are some tools that can disable certificate pinning, including Burp Mobile Assistant. You need a jailbroken device running iOS 8 or 9. Be aware that Mobile Assistant cannot always disable pinning.
It was the issue of the system on which I am running the burpsuite, which is why the system was not able to process requests and responses.
I have WebRTC framework for my iOS app.
But Apple iTune app store review team, rejected my app (even though it was working in my local hardware's, cost me 6 months of work). After waiting so long, they rejected, because its IPv4, has to be IPv6?
I cant simply change the whole WebRTC Framework that i have used in my app.
My target clients are only IPv4 (not IPv6, i am not even interested to use IPv6), is there no way to solve it? I am using this framework: https://cocoapods.org/pods/libjingle_peerconnection
Any advise/suggestion, has anyone tried the libjingle_peerconnection library to make compatible for IPv6?
EDIT: at 3.56AM
You need to add more details in your question to get an appropriate and correct answer.
My reason for putting an answer is not to answer your question as we need further information. My goal to answer is to make everyone aware how IPv6 functionality can be enabled when developing an Webrtc app.
Server side
Generally speaking primarily there are two main backend components the Webrtc clients connect to:
Signaling server : This is used to carry signaling information such as your sdp between Webrtc endpoints. Can be implemented using web sockets or http or other mechanisms
Stun and a relay/turn server: for obvious Udp hole punching through NAT traversal and if p2p not possible, to act as a relay between endpoints.
For IPv6 both of these servers should support IPv6 connections to it.
Client side
When apple tests IPv6, it must be disabling IPv4 network interface so that the iOS networking stack is forced to use IPv6. Hence you need to enable Webrtc stack to use IPv6 interface. This can be done by adding the constraint googIPv6 : true in the createpeerconnection constraints.
Other than this if you are using any other app servers in your code, you will have to make sure they accept v6 connections.
I am working on an ios app which communicate with the server via http request. And I want to monitor the network traffic when testing my app in ios simulator/devices.
Is there any software or tools I can used to inspect the http requests of a specified application on mac/ios, just like firebugs for web developers?
Thanks.
As far as I know, there are several tools in App Store that provide the network traffic monitor feature. But, they could only view iPhone as a whole and stay at that level. In other words, they could only tell how much traffic has been consumed of this iPhone. For each app? No data.
You can use HTTP Catcher to capture web traffic. It's a Web debugging proxy for iOS, so you can view requests and responses directly on iPhone.
You can use Proxyman to record/capture all the requests & responses from your app while developing.It will support ios simulators also. Without doing any code change we use this.
First Download the Proxyman app form the above link after that just go through this documentation for references.
Charles has recently released an iOS version for http traffic monitoring. it is a paid app though. Good news is that you can set up Charles free desktop version then setup HTTP proxy from your iOS device.
I'd like to see the request / responses that an iphone app makes.
I mostly work on web apps, and I can use firebug / fiddler to see them. But how can I see incoming/outgoing traffic of an iOS app, if im running it on my wireless?
The Charles Web Proxy (and I believe Fiddler as well) allow connections from external hosts, when configured properly. In Charles, you will need to make sure your iPhone is added to the Access Control List in Proxy -> Access Control Settings.
After that, you can simply set your iPhone's proxy to your computer's Charles or Fiddler instance. In my case, my local desktop is at 192.168.10.1, thus my iPhone's proxy is set to:
192.168.10.1:8888
One problem, however, may be if you want to decrypt SSL traffic. It may be difficult to get the iPhone to add Fiddler or Charles' certificate to the keychain.
You could share your mac wireless to the iphone
And then use some tool, i personally use http://www.charlesproxy.com/ for these kind of issues
You could pick a tool from
https://superuser.com/questions/99870/mac-wireshark-alternatives