Install and configure Burpsuite
following the same steps here.
- Configure the device to use the proxy
- Settings > Wi-Fi > Info button > Configure Proxy
- Use
Manual
to set the Proxy to the host IP running BurpSuite (vboxnet
LAN or Bridged LAN IP) and port8082
- Install the BurpSuite CA certificate on the iOS device
- Open
http://burpsuite:8082
on Safari - Select
CA Certificate
and clickAllow
to confirm the config profile download - Settings > General > VPN & Device Management > Downloaded Profile
- Install the
PortSwigger CA
- Install the
- Settings > General > About > Certificate Trust Settings
- Activate the toggle switch to enable full trust for root certificates
- Open
- On Safari navigate to
https://example.com
and check for the connection request inside BurpSuite- Depending on the tested mobile application, traffic can be intercepted
- Capture iOS network traffic (HTTP/HTTPS) without a Macbook
- Standalone app, works independently from Proxyman for macOS
- View HTTP/HTTPS Requests and Responses in plain text
- FaceID and Passcode for data protection
- Debugging tools like Map Local, Breakpoint, Block List, SSL Proxying List,No Caching
- Share logs to Proxyman for macOS
- other features
🔗 Atlantis for iOS - only for network inspectors
- Automatically intercept all HTTP/HTTPS Traffic
- Intercept WebSocket from iOS devices
- Support iOS Physical Devices and Simulators
- No need to configure HTTP Proxy or install/trust any Certificate
- Review traffic logs from Proxyman for macOS
- Categorize logs by app and devices
- Install
Proxyman for MacOS
on a Mac device and follow the iOS Setup Guide to configure the proxy
🔗 SSL Kill Switch 2 - (Old) tool to disable SSL certificate validation - including certificate pinning - within iOS and macOS applications.
- On a jailbroken device,
Objection
can be used to disable SSL Pinning and see HTTPS traffic using a proxy
# MacOS
curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py
python3 get-pip.py
pip3 install --upgrade setuptools --break-system-packages
pip3 install objection --break-system-packages
pipx ensurepath
objection -g <AppName> explore -s "ios sslpinning disable"
❗ Use Jailbreaking with caution! Jailbreaking is legal in the US but may have legal implications in other countries.
Jailbreaking is the process of unlocking an iOS device to customize its functionality beyond Apple's restrictions, enabling the installation of custom apps and tweaks for a personalized user experience.
- iOS prioritizes security and reliability with built-in protections against malware, viruses, but jailbreaking can compromise these safeguards, leading to security risks, instability, and reduced battery life
- Jailbreaking iOS is necessary to conduct full iOS penetration testing
- Types of jailbreak
📌 Follow my iOS Jailbreak Guide and make sure you always check for updated commands/guides before step into jailbreaking.
- A good resource website is iOS CFW Guide - Get Started
- Different devices will require different steps and tools to jailbreak an iOS!