Proxied iOS App doesn't send http/s requests? How are they fetching the data then?

I'm currently trying to intercept API calls of an iOS app. Why? I want to reverse engineer their private API and use it for more specific requests. However, the app has nearly zero HTTPS traffic and traffic via web sockets. The only requests they have sent during the start of the app were to:

  • Mapbox (probably to display maps)
  • and Google to request a fcmtoken for Cloud Messaging

Thus, I was wondering how they fetch the data displayed in the app.



Solution 1:[1]

After some deeper research and reverse engineering the Android app, I noticed that the app uses Flutter. The problem with that is that Flutter uses Dart, and Dart is not proxy aware and uses its own certificate store. Hence, the application doesn't take any proxy settings from the system and sends data directly to the server. Thus, I wasn't able to intercept the request using Burp Suite.

I was able to intercept the Firebase and Mapbox requests as they were imported as Node.js packages.

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 BennoDev
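
The proxy behaviour described in Solution 1, as an added example that is not part of the original answer or of the app discussed: Dart's `HttpClient` connects directly unless the app's own code sets `findProxy`, so a developer who wants to inspect their own app's traffic has to opt in, typically only in debug builds. The `buildClient` helper, its `debugProxy` and `debugCaFile` parameters, the URL and the addresses are hypothetical, constructed values.

```dart
import 'dart:io';

/// Builds the HttpClient for your own app. In debug builds it opts in to a
/// proxy and, optionally, trusts a test CA; release builds stay direct.
/// `debugProxy` and `debugCaFile` are hypothetical build-time settings.
HttpClient buildClient({String? debugProxy, String? debugCaFile}) {
  final context = SecurityContext(withTrustedRoots: true);
  if (debugCaFile != null) {
    // Trust the intercepting proxy's CA (PEM file) for this client only.
    context.setTrustedCertificates(debugCaFile);
  }
  final client = HttpClient(context: context);
  if (debugProxy != null) {
    // Without this assignment HttpClient always connects directly.
    client.findProxy = (Uri url) => 'PROXY $debugProxy';
  }
  return client;
}

void main() {
  final api = Uri.parse('https://api.example.test/v1/items'); // constructed

  // Constructed environment map; shows what the opt-in resolver returns
  // when a proxy variable is present and when it is absent.
  final env = {'https_proxy': '192.0.2.10:8080'};
  print(HttpClient.findProxyFromEnvironment(api, environment: env));
  print(HttpClient.findProxyFromEnvironment(api, environment: {}));

  // Release-style client (direct) next to a debug client (proxied).
  final release = buildClient();
  final debug = buildClient(debugProxy: '192.0.2.10:8080');
  release.close();
  debug.close();
}
```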