Capturing app traffic with Burp + the Yeshen emulator (Android 5)

Foreword:
There are many tutorials online about capturing app traffic with Burp and the Yeshen emulator, but they contain so many pitfalls that it is hard to get a working setup at first. The biggest pitfall is that the Yeshen emulator uses Android 7 by default, and Android 7.0 and above does not trust user-installed certificates by default. There are various workarounds, but they run into problems of their own along the way. In the end, the best solution turned out to be using Android 5, which avoids these problems entirely.

1. Environment

1. Burpsuite
2. Yeshen emulator (just download the latest version): https://www.yeshen.com/

2. Burpsuite configuration

1. View the local IP: open cmd and run ipconfig

2. Set Burp to listen on the local IP and a port


3. Yeshen emulator configuration

1. After installing Yeshen, first open the Yeshen multi-opener (multi-instance manager) and add an Android 5 emulator

2. In the system settings, set the emulator's proxy to the IP and port that Burp listens on

Settings -> WLAN -> long-press WiredSSID -> Modify network

3. In the emulator's browser, visit http://burp and download the CA certificate

4. Change the extension of the downloaded CA certificate to .cer, otherwise it cannot be installed

Open File Manager -> storage -> emulated -> 0 -> Download, then click and hold (long-press) cacert.der and rename it to cacert.cer

5. Install the certificate

System settings -> Security -> Install from SD card; the certificate is located in the Download folder

If you are prompted to set a password during installation, just set any password you like.
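
As an added example (not part of the original tutorial), the rename in step 4 can be scripted together with a sanity check that the downloaded file really is a DER-encoded certificate, which also yields its SHA-256 fingerprint. It assumes cacert.der has been saved or copied to a machine with Python; the function names are hypothetical.

```python
import hashlib
import sys
from pathlib import Path


def der_sequence_ok(data: bytes) -> bool:
    """True if data is exactly one DER SEQUENCE, the outer shell of an X.509 certificate."""
    if len(data) < 2 or data[0] != 0x30:      # 0x30 = SEQUENCE tag
        return False
    first = data[1]
    if first < 0x80:                          # short form: length fits in one byte
        length, header = first, 2
    else:
        n = first & 0x7F                      # long form: next n bytes hold the length
        if n == 0 or n > 4 or len(data) < 2 + n:
            return False
        length, header = int.from_bytes(data[2:2 + n], "big"), 2 + n
        if length < 0x80 or data[2] == 0:     # DER requires the minimal length encoding
            return False
    return header + length == len(data)       # no truncation, no trailing bytes


def prepare_cert(src: Path):
    """Copy e.g. cacert.der to cacert.cer; return (new path, SHA-256 fingerprint)."""
    data = src.read_bytes()
    if not der_sequence_ok(data):
        # Typical cause: an HTML error page was saved instead of the certificate.
        raise ValueError(f"{src} is not a DER-encoded certificate")
    dst = src.with_suffix(".cer")
    dst.write_bytes(data)                     # same bytes, only the extension changes
    digest = hashlib.sha256(data).hexdigest().upper()
    fingerprint = ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))
    return dst, fingerprint


if __name__ == "__main__" and len(sys.argv) == 2:
    new_path, fp = prepare_cert(Path(sys.argv[1]))
    print(f"{new_path}\nSHA-256: {fp}")
```

The printed fingerprint can be compared with that of the CA certificate exported from Burp on the host, to confirm the file being installed is the one this Burp instance generated.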

4. Verification

Take Sina Weibo as an example. After installing Sina Weibo, open it directly; the page loads normally, and Burp has captured the packets:



Origin blog.csdn.net/weixin_45852180/article/details/120703250