Configuring Android Studio emulator to Work With Burp Suite
This is a short blog where you will learn about how you intercept HTTP or HTTPS traffic Android Studio AVD to BurpSuite. The reason for writing this blog is because I I myself spent hours to figure out how to intercept traffic in BurpSuite from android studio AVD.
I assume that android studio and BurpSuite are properly installed inside your system and are working properly. Lets start by configuring BurpSuite to intercept traffic from Android Studio ADV
- Open BurpSuite
- Go to Options under Proxy tab
- Click Add in order to add new Proxy Listeners
- Now enter your desired port which is available, in my case I am using 8085.
- Choose radio button having option All interfaces and click OK
- Make sure that under Proxy Listeners, *.8085 interface is checked
- BurpSuite is configured
Lets configure Android Studio
- Open android studio and create an emulator using AVD manager available under Tools in android studio.
- In my case I am creating Pixel 27 Android 8.1.
- Choose Release name based on your requirement.
- Incase you get this error /dev/kvm device: permission denied, then you need to give root permission to
- Use command
sudo chmod 777 -R /dev/kvmto assign permissions
Make sure you don’t forget to give AVD Name, I have named it as target_machine.
- Check you system network interface
ifconfig. In my case it is
- Navigate to directory where you installed Android Studio and its components if any
- By default it is in users home directory, use below command to go there
- Now once you are in the emulator directory, run command
./emulator -http-proxy http://192.168.0.108:8085 -avd target_machine
- Follow steps as mentioned in below image
- Configure the manual proxy configuration
Lets see whether Burp intercept traffic from android studio AVD or not.
Open BurpSuite and turn on intercept. Access any site in phone browser. As shown in below image we are successfully able to capture traffic in BurpSuite
But when we forward the request in BurpSuite, browser shows the connection is not secure because it requires Burp CA certificate.