'iOS 13 Burp Suite Proxy Unable to Connect

I am trying to run Burp Suite proxy to do some testing from my phone.

I have setup Burp Suite Community Edition 2.1.04 I have set my wifi to use my computer's IP address as the proxy on the correct port in Proxy > Options > Proxy Listeners.

enter image description here

From my iOS device I used Safari and went to http://{ComputerIP}:{Port} and installed the CA Cert. I installed the Cert from Settings. I also trusted the cert in About > Cert Trust Settings.

enter image description here

I can't get out to the internet on my phone. I can see in the Burp Suite HTTP History that a connection to Google was made but the connection was closed. I tried http://example.com and still couldn't get out.

GET / HTTP/1.1
Host: www.google.com
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Cookie: REALLY LONG COOKIE STRING
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_1_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.1 Mobile/15E148 Safari/604.1
Accept-Language: en-us
Accept-Encoding: gzip, deflate
Connection: close

I have followed this and this tutorial, but no luck.

Any thoughts?

I tried Charles Proxy, but I need TLS 1.3.

proxycharles-proxyburp


Solution 1:[1]

I think you should wait for Port Swigger certificate update. There are new requirements in iOS 13 for TLS - https://support.apple.com/en-us/HT210176

As alternative you can use https://proxyman.io/ with macOS. This should work with iOS13

Solution 2:[2]

For Burp on iOS 13 the provided certificate by the proxy does not work, I had generated my own doing the following...

Make a new folder:

 mkdir BurpCA && cd BurpCA

Create BurpCA.cnf file with this content:

[ req ]
default_md              = sha256
distinguished_name      = req_distinguished_name
x509_extensions         = root_ca

[ req_distinguished_name ]
countryName             = US
countryName_min         = 2
countryName_max         = 2
stateOrProvinceName     = California
localityName            = Los Angeles
0.organizationName      = ROTTEN APPLE
organizationalUnitName  = ROTTEN APPLE
commonName              = localhost
commonName_max          = 64
emailAddress            = admin@localhost
emailAddress_max        = 64

[ root_ca ]
nsComment               = "Certificate for Burp"
subjectKeyIdentifier    = hash
basicConstraints        = critical, CA:true
keyUsage                = critical, keyCertSign

Run

openssl req -x509 -newkey rsa:2048 -out BurpCA.cer -outform PEM -keyout BurpCA.key -days 720 -verbose -config BurpCA.cnf -nodes -sha256 -subj "/CN=ROTTEN APPLE CA"

Prepare the certificate to import it to Burp and set export password as "burp"

openssl pkcs12 -export -out Burp.pfx -inkey BurpCA.key -in BurpCA.cer

Open Burp (make sure to update to the latest version)

Go to:

  • Proxy Tab
  • Options
  • Import / Export CA Certificate
  • Certificate and private key in PKCS#12 format

Then on your iPhone set the proxy go to http://burp and follow the proper installation.

Solution 3:[3]

Got this working finally!

Here are the full instructions:

  1. Generate a certificate with the following commands: openssl req -x509 -nodes -newkey rsa:4096 -keyout myBurpCA.key -out root-ca.crt -days 365 -subj "/C=CA/O=Burp/OU=Certification Services/CN=MyBURPRootCA/" -addext "extendedKeyUsage=1.3.6.1.5.5.7.3.1" openssl pkcs12 -export -out BurpRootCA.pfx -inkey myBurpCA.key -in root-ca.crt

  2. Go to burp and use the "Import / Export CA certificate" option and select your newly generated certificate (use the pfx file). DO NOT use "Edit Proxy Listener -> Certificate -> Use a custom certificate". It will not work (this is a custom specific certificate, you still want a CA-signed per-host certificate).

  3. Go to the iPhone, configure the Burp Suite proxy as the proxy server and go to http://burp

  4. Download and install the certificate by click the top right corner, downloading it ("Allow") and then going to settings -> Profile Downloaded -> Install, to finish the additional installation steps.

  5. Authorize the installed certificate for TLS authentication by going to Settings > General > About > Certificate Trust Settings, and then toggle "Enable Full Trust for Root Certificates" on for the certificate.

That's it! Certificate is now valid for TLS authentication.

Solution 4:[4]

It's tricky to manually generate a self-signed certifciate that comply with new Apple Security Update from iOS 13 and Catalina. Here is the simple one:

  1. Prepare cert.config file on Desktop folder
[ ca ]
default_ca    = CA_default
[ CA_default ]
default_md    = sha256
[ v3_ca ]
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid:always,issuer
basicConstraints = critical,CA:true
keyUsage=critical,keyCertSign
extendedKeyUsage = serverAuth,clientAuth
[ req ]
prompt = no
distinguished_name    = req_distinguished_name
[ req_distinguished_name ]
C=SG
L=SG
O=Proxyman
CN=proxyman.dev
OU=Proxyman

Please update values for C, L, O, CN, and OU param.

  1. Generate RSA Key in the Terminal app. (Make sure you replace your_password to your real password)
cd ~/Desktop
openssl genrsa -aes256 -passout pass:your_password -out key.pem 2048
  1. Generate the self-signed certificate and private key. (Make sure you replace your_password to your real password)
openssl req -x509 -new -nodes -passin pass:your_password -config cert.config -key key.pem -sha256 -extensions v3_ca -days 825 -out root-ca.pem
  1. Convert to p12 format. (Make sure you replace your_password to your real password)
openssl pkcs12 -export -out root-ca.p12 -in root-ca.pem -inkey key.pem -passin pass:your_password -passout pass:your_password
  1. Finally, you would have root-ca.p12 file.

If you're looking for an easier way to do it, let check out Proxyman with Custom Root Certificate feature. It possible to use it on iOS and Android remote devices.

Custom Root Certificate

Disclaimer: I write Proxyman app. Hopefully it helps anyone who struggle with SSL stuff.

Solution 5:[5]

I just set up Burp in ios 15 device. After installing Burp certificate from Settings -> Profile in my Iphone, SSL still wasn't working for me. However, i had to also go to Settings -> Trusted Certificates -> Certificate Trust Settings and toggle the PortSwigger Certificate.

I also had to go to Burp -> Proxy > Options > Edit proxy listener you are using -> Edit proxy Listener -> TLS Protocols. Use custom protocols and deselect TLSv1.1, TLSv1.1, TLSv1. I only selected TLSv1.3

Afterwards, SSL worked for me.

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 ???????? ???????
Solution 2
Solution 3 Gil Cohen
Solution 4 Nghia Tran
Solution 5

Related Questions

Express and nginx net::ERR_CONTENT_LENGTH_MISMATCH

Express and nginx net::ERR_CONTENT_LENGTH_MISMATCH

git:// through proxy

difference between http_proxy and https_proxy

What does "trust proxy" actually do in express.js, and do I need to use it?

Ubuntu 18.04 Problem Making Certificate Request, string too short

Tunnel MTPROTO proxy on whole device

First run of Android Studio. Unable to access Android SDK add-on list

Nginx reverse proxy issue long request

Zuul routing the requests through an external proxy server

Error "Gradle sync failed: Connection refused: connect"

I can't setup proxy in mern stack(react-vite) and do not know the reason

How does VPN extensions authenticate users?

Proxied IOS App doesn't send http/s requests? How are they fetching the data then?

AWS API Gateway path based routing to private integrations