Man-in-the-Middle attacks

Set up the proxy and point it to your system IP, which is running the Burp proxy either in wireless or the APN settings, which we discussed in Chapter 4, Loading up – Mobile Pentesting Tools.

Now, open the DVIA app and navigate to Menu | Transport Layer Protection | Enter Data | SEND OVER HTTP; you should be able to see the following screenshot on your system that is running the proxy:

Beating the SSL cert pinning

Following the preceding steps, if you try to hit SEND OVER HTTPS, you might receive the following error, as shown in this screenshot:

Now, you have to navigate to Settings | SSL Kill Switch and turn on the option ...

Get Mobile Application Penetration Testing now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Mobile Application Penetration Testing by Vijay Kumar Velu

Man-in-the-Middle attacks

Beating the SSL cert pinning

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly