Bypassing Certificate Pinning
Purpose: To bypass SSL and capture transmitted data using mitmproxy.

  • Man-in-the-Middle attack using mitmproxy.
  • Used on apps that do not accept the fake certificate presented by Burp Suite.
  • This time we will install the proxy's certificate in the device's trust store.
  • We also need to manually register mitmproxy on the device as a trusted Certificate Authority (CA).
  • This method will only work if certificate pinning is not employed.

Demo: In the video above we use the Burp Suite proxy in an attempt to bypass SSL and capture the transmitted data. We configure the smartphone
to use the proxy and the proxy to listen for traffic coming from the device. When this is done, the proxy generates and presents to the client a self-signed (fake) certificate.
In the above example we can see that we are unable to see or capture any traffic, and at some point the application throws an error, rejecting the fake certificate.
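The rejection seen in the demo is what a pinning check looks like from the app's side. The following Python is an added example, not code from the page or its video: it computes an SPKI pin (base64 of SHA-256 over the certificate's SubjectPublicKeyInfo) with a minimal DER walker and shows that a certificate the proxy generated with its own key fails the pin even when the proxy CA sits in the trust store. The `toy_cert` layout and the key bytes are constructed for the example; real apps compare against pins of their real server keys.

```python
import base64
import hashlib
# Minimal DER helpers written for this example (not a full ASN.1 library).
def der_len(n):
    if n < 0x80:
        return bytes([n])
    b = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(b)]) + b
def tlv(tag, body):
    return bytes([tag]) + der_len(len(body)) + body
def der_parse(buf, pos=0):
    """Decode one TLV at buf[pos]; return (tag, value_bytes, end_offset)."""
    tag, first = buf[pos], buf[pos + 1]
    if first < 0x80:
        length, hdr = first, 2
    else:                                                  # long-form length
        n = first & 0x7F
        length, hdr = int.from_bytes(buf[pos + 2:pos + 2 + n], "big"), 2 + n
    return tag, buf[pos + hdr:pos + hdr + length], pos + hdr + length
def der_children(value):   # split a constructed value into (tag, full_tlv_bytes) pairs
    out, pos = [], 0
    while pos < len(value):
        tag, _, end = der_parse(value, pos)
        out.append((tag, value[pos:end]))
        pos = end
    return out
def spki_pin(cert_der):
    """HPKP-style pin: base64(SHA-256(SubjectPublicKeyInfo)) of an X.509 certificate."""
    _, tbs_value, _ = der_parse(der_parse(cert_der)[1])   # tbsCertificate is the first field
    fields = der_children(tbs_value)
    if fields[0][0] == 0xA0:                               # optional [0] EXPLICIT version
        fields = fields[1:]
    spki = fields[5][1]   # serial, signature, issuer, validity, subject, subjectPublicKeyInfo
    return base64.b64encode(hashlib.sha256(spki).digest()).decode()
def pin_check(cert_der, pinned_spki):
    """The extra step a pinning app performs after chain validation: accept known keys only."""
    return spki_pin(cert_der) in pinned_spki
def toy_cert(pubkey):
    """Constructed X.509 field layout with empty names and no real signature."""
    seq = lambda *parts: tlv(0x30, b"".join(parts))
    spki = seq(seq(tlv(0x06, b"\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01")),  # rsaEncryption OID
               tlv(0x03, b"\x00" + pubkey))                             # subjectPublicKey BIT STRING
    tbs = seq(tlv(0xA0, tlv(0x02, b"\x02")), tlv(0x02, b"\x01"),        # [0] version v3, serialNumber
              seq(), seq(), seq(), seq(), spki)                         # signature, issuer, validity, subject
    return seq(tbs, seq(), tlv(0x03, b"\x00"))                          # + signatureAlgorithm, signatureValue
# Constructed keys: the app pins the real server key; an interception proxy presents its own key.
PINS = {spki_pin(toy_cert(b"real-server-public-key"))}
PROXY_ACCEPTED = pin_check(toy_cert(b"proxy-generated-key"), PINS)   # False even if the proxy CA is trusted
```

Trusting the proxy CA only satisfies chain validation; the pin is tied to the server's key, which the proxy does not have, so the connection is refused exactly as the app in the demo does.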