A man-in-the-middle (MITM) attack is a type of cyber attack where a hacker intercepts the communication between two parties to eavesdrop, manipulate or steal information. The attacker positions themselves in between the two parties, making it appear as if they are communicating directly with each other, when in fact, the attacker is intercepting and possibly altering the communication. This can occur in many different types of communication, such as email, instant messaging, or web browsing. MITM attacks can be very dangerous, as they allow the attacker to potentially gain access to sensitive information, such as login credentials or financial data.
Problem:
Setting an HTTP proxy cause the HTTP and HTTPS traffic redirect to us. How about others protocols?
Solution:
We use nm-connection-editor.
First we need a router device which should connected to VMware. We need an Kali or Ubuntu vm and we should pass the router to this vm.
Disable Router DHCP.
Do this instructions.
Done
If the device can’t get IP address just set it manually(Set the shared IP address. Exp: 10.42.0.2). Don’t remember to set DNS too. 😉
You can capture your main Network Interface or you can use -tcpdump option in android studio emulator.
For this purpose you should first enable port-forwarding in kernel:
echo 1 > /proc/sys/net/ipv4/ip_forward
Next we need to forward IPs from our shared IP interface exp 10.42.0.2 to our Burp Suite.
Note: I consider the Burp Suite is listen on 10.42.0.2:8080.
iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination 10.42.0.1:8080