## Configuring Global HTTP Proxy Settings ### Linux To set and unset a system-wide proxy-server: ```bash export http_proxy=http://127.0.0.1:8080 unset http_proxy ``` ### Windows Head to Proxy Settings, turn on "Use a proxy server", set the address to: ```text http=127.0.0.1:8080;https=127.0.0.1:8080 ``` And add to the exceptions box: ```text *.local ``` See also [[How Does TLS Work#Importing Certificates#Windows]]. #### Covertly Setting Proxy [[Windows - Covertly Controlling Settings#Network and Internet#HTTP Proxy Server]] ## Installing Root CAs ### iOS We can simply add an HTTP Proxy through the iPhone's settings app and have it point to Burp. Start Burp and add another listening interface reachable by devices on the LAN. Then on the Apple device: *Settings* > *Wi-Fi* > Info button next to connected SSID > Scroll to bottom and under *HTTP PROXY* > *Manuel* > Burp details. If you don't have Burp's certificate installed then while proxying, head to http://burpsuite and download the certificate to the Apple device. Once it's installed you can turn it on and off by searching in *Settings* > *Trusted Certificates*. [[2022-07-10_Sun]] - See [this page](https://bytepen.gitlab.io/toys/iphone-se-2/tools/frida.html) for tips to get Burp to work with iOS which sometimes doesn't trust its certificate. I couldn't get it to load `apple.com`. ### Android [Blog post](https://blog.ropnop.com/configuring-burp-suite-with-android-nougat). Export Burp certificate. ```bash openssl x509 -inform DER -in cacert.der -out cacert.pem openssl x509 -inform PEM -subject_hash_old -in cacert.pem |head -1 mv cacert.pem <hash>.0 # example 9a5ba575.0 adb root adb remount adb push <cert>.0 /system/etc/security/cacerts/ adb shell chmod 644 /system/etc/security/cacerts/9a5ba575.0 reboot ``` ## Proxying Proxy-Unaware Programs [[Proxying Network Traffic - Mobile Applications]] [[Proxying Network Traffic - Binaries]] *** ## Footnotes Resources