Burp Suite Mobile Assistant is a tool to facilitate testing of iOS apps with Burp Suite. It supports the following key functions:
- It can modify the system-wide proxy settings of iOS devices so that HTTP(S) traffic can be easily redirected to a running instance of Burp.
- It can attempt to circumvent SSL certificate pinning in selected apps, allowing Burp Suite to break their HTTPS connections and intercept, inspect and modify all traffic.
Burp Suite Mobile Assistant needs to be installed onto a jailbroken device due to the nature of its features. Jailbreaks usually install the popular package manager Cydia, which can be used to install Mobile Assistant.
This tutorial demonstrates how to install Mobile Assistant using Cydia:
Note: Mobile Assistant currently supports iPhones, iPods and iPads running versions 8.0 onwards of the iOS operating system. Additionally, the certificate pinning bypass feature of Mobile Assistant does not currently support iOS version 10 onwards.
Launch Burp Suite on a system that is network-accessible from the jailbroken device, and ensure the proxy listener is bound to an accessible network interface and port.
The next step is to add the instance of Burp Suite to Cydia's package sources.
On the jailbroken device, open Cydia.
Navigate to the Sources tab.
Tap the Edit button located at the top right-hand corner.
Tap the Add button located at the top left-hand corner.
Populate the APT URL prompt with the IP address (or hostname) and port number of your Burp Proxy listener, using HTTP as the protocol, e.g. http://[burp-host-ip]:8080.
If Cydia is not able to connect, verify that your Burp Proxy listener is configured to listen on the relevant network interface, and that connections are not being blocked by your computer's host firewall or by device segregation in your wireless network.
Tap the Done button to finish.
Burp Suite should now appear as an individual source.
Tap on the "BurpSuite Pro" option.
Install Mobile Assistant from the new Cydia package source in the normal way. Either search for Mobile Assistant or browse the new source's packages.
Then tap "Confirm".
When the download is complete, tap "Restart Springboard".
The Mobile Assistant icon should now appear on your device.
You can now begin to route traffic via Burp Suite.
Note: Advanced users may want to obtain Mobile Assistant directly. They can do this by pointing a web browser to Burp Suite's in-browser interface, e.g. http://192.168.1.10:8080/mobileassistant.deb.
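If Cydia cannot connect to the source, the probe below helps separate the causes listed in the troubleshooting step above. It is an added example, not part of Burp Suite or the original tutorial; the function name `diagnose_listener` and its status labels are this example's own, and it should be run from another machine on the same network as the device.

```python
import socket
import sys


def diagnose_listener(host, port, timeout=3.0):
    """Probe host:port and return (status, detail) for troubleshooting."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        # Active refusal (TCP RST): usually nothing is listening on this
        # address/port, e.g. the listener is bound to loopback only.
        # A firewall set to reject rather than drop can also cause it.
        return ("refused", "check the listener's bind address and port")
    except socket.timeout:
        # No answer at all: packets are being dropped on the path.
        return ("timeout", "check the host firewall and wireless client isolation")
    except OSError as exc:
        # No route to host, name resolution failure, and similar errors.
        return ("unreachable", str(exc))

    with sock:
        sock.settimeout(timeout)
        # The path is the one named on this page. Any HTTP status line counts
        # as success; this does not prove the service is Burp (assumption).
        request = (
            "HEAD /mobileassistant.deb HTTP/1.1\r\n"
            f"Host: {host}:{port}\r\n"
            "Connection: close\r\n\r\n"
        )
        try:
            sock.sendall(request.encode("ascii"))
            reply = sock.recv(1024)
        except OSError:
            return ("no-http", "port is open but no HTTP reply arrived")

    status_line = reply.split(b"\r\n", 1)[0].decode("latin-1")
    if status_line.startswith("HTTP/"):
        return ("ok", status_line)
    return ("no-http", "port is open but the service did not speak HTTP")


if __name__ == "__main__":
    # Usage: python3 probe.py <burp-host-ip> <port>
    if len(sys.argv) != 3:
        sys.exit("usage: probe.py <burp-host-ip> <port>")
    status, detail = diagnose_listener(sys.argv[1], int(sys.argv[2]))
    print(f"{status}: {detail}")
    sys.exit(0 if status == "ok" else 1)
```

A result of `ok` from a second machine while Cydia still fails points at the device's own network path (for example wireless client isolation) rather than at the listener.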