1.让Android手机和PC连入同一个网段的wifi,即在同一个无线局域网环境下。
2. 查看PC的IP地址,cmd输入ipconfig命令
3.打开Burpsuite,设置Proxy Listener(Proxy->Option->Proxy Listener->add)
点击"Add"按钮,设置新的代理监听器,地址就填刚刚看到PC端的IP地址,在这里是192.168.1.188(根据实际情况有所不同),端口填8080
设置无法访问SSL网站(Certificate→Use a self-signed certificate)
4.设置编码 (此设置仅让UTF-8编码数据显示正常,复制文本数据流编码未实际改变。)
5.被动扫描 Scanner→Live Passive Scanning→Scan everything
5.被动扫描 Scanner→Live Passive Scanning→Scan everything
6.设置手机代理
点击设置
点击wlan
长按wiredSSID,点击修改
选择显示高级选项 填写pc机ip 代理端口8080
常见故障
1:
Burp proxy error: java.security.cert.CertificateException: Certificates does not conform to algorithm constraints
找到jre/lib/security/java.security
将jdk.certpath.disabledAlgorithms=MD2, DSA, RSA keySize < 2048
改为jdk.certpath.disabledAlgorithms=
2:
无法在沙盘启动浏览器模式下正常工作。
安卓测试HTTPS服务
https://support.portswigger.net/customer/portal/articles/1841102-Mobile%20Set-up_Android%20Device%20-%20Installing%20CA%20Certificate.html
1:
Burp proxy error: java.security.cert.CertificateException: Certificates does not conform to algorithm constraints
找到jre/lib/security/java.security
将jdk.certpath.disabledAlgorithms=MD2, DSA, RSA keySize < 2048
改为jdk.certpath.disabledAlgorithms=
2:
无法在沙盘启动浏览器模式下正常工作。
安卓测试HTTPS服务
https://support.portswigger.net/customer/portal/articles/1841102-Mobile%20Set-up_Android%20Device%20-%20Installing%20CA%20Certificate.html