Penetration testing

Intercepting HTTP/HTTPS traffic of UWP apps on Windows desktop

November 16, 2016 by Srinivas

In the previous article of the series, we have discussed how to intercept HTTP/HTTPS traffic of Windows Phones. In this article, we will discuss how to intercept HTTP/HTTPS traffic of the Universal Windows Platform apps running on a Windows 10 computer.

Note: The sample application used in this article can be downloaded here:

[download]

Proxying HTTPS traffic

We will begin by configuring our Windows 10 desktop to send all its HTTP traffic to Burp Proxy. It is as simple as changing the Edge browser's proxy settings and pointing them to Burp Proxy. In my case, Burp is running on a Mac machine within the same network, so I have to make sure that Burp has settings similar to those explained in the previous article. If you are running the target app and Burp Suite on the same machine, the default Burp settings are fine, and no additional settings are required for Burp.

Now, let's launch our test application, and you should see the following screen.

Let me quickly explain what this app does.

  • When you click the Send HTTPS request button, the app will send a request to https://www.google.com.
  • If the connection is successful, you will see a success message with response headers.
  • If any exception occurs, the exception details will be displayed.

Let us click the Send HTTPS request button. Because we are using Burp Suite to intercept the traffic, we will be shown the following message.

The following exception is shown in the Visual Studio console when the app is run from Visual Studio.

Once again, the security certificate presented by Burp Suite was not issued by a trusted certificate authority. The solution is the same as in the previous article: we need to add Burp's root CA certificate to the Windows machine's trust store.

Let us first get Burp's root CA certificate onto our local machine.

Configure the Firefox browser to send all its traffic to Burp Proxy. This looks as shown in the figure below.

Now, point your browser to some HTTPS website. In my case, it is https://www.oracle.com. This should look as shown below.

Click the Add Exception button in the above window, and you should see the following screen.

Click View, and you will see the following window.

Next, click Details, choose PortSwigger CA, and then click Export. This looks as shown in the figure below.

Now, we have Burp's root CA certificate on our machine. It has to be added to the Windows machine's trust store.

We can do it in two ways:

  1. The long way
  2. The short way

The long way

Let us first discuss the long way, because it will help you understand exactly where the new root CA certificate is added on your Windows machine. This is important because you are compromising your machine, and you need to be able to remove the installed certificate when you no longer need it.

We need to use Microsoft Management Console to do this.

Let's begin.

Point to Start, and then click Run. In the Run dialog box, in the Open box, type MMC, and then click OK. You should see the following window.

On the File menu, click Add/Remove Snap-in. Under Available snap-ins, click Certificates, and then click Add. This looks as shown in the figure below.

Under This snap-in will always manage certificates for, click Computer account, and then click Next.

Click Local computer, and click Finish.

Next, click OK in the window shown below.

In the console tree, you should be able to see a new item named Certificates as shown in the figure below.

Expand it, and select Trusted Root Certification Authorities. Right-click on Certificates and navigate through All Tasks | Import as shown in the figure below.

Now, you will be taken through the Certificate Import Wizard.

Click Next in the previous window and choose the PortSwigger CA certificate we downloaded earlier.

Choose the radio button that allows you to place the certificate in the Trusted Root Certification Authorities as shown in the figure below.

Finally, click Finish.

If everything is done correctly, you should see a message that the import was successful, and the PortSwigger certificate can be found inside Certificates if you expand it in the console tree.

If you want to remove the certificate, navigate to the same location, right-click the PortSwigger CA certificate and choose Delete. This looks as shown in the following figure.

The short way

The second way is to double-click the PortSwigger CA certificate we downloaded and follow the steps shown below. When you double-click the PortSwigger CA certificate, it will show an option to install it. This looks as shown in the figure below.

Click Install Certificate, and you will see the following figure.

In the above screen, choose Local Machine and click Next. Next, choose Place all certificates in the following store and browse to Trusted Root Certification Authorities as shown in the figure below.

Click Next, and you should see the following screen.

Click Finish and the certificate import should be a success.

In both cases, the certificate will be added to your computer's trust store.

Now, your system will trust the certificate presented by Burp. Let us launch the app once again and click the Send HTTPS request button.
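
The same import, check and removal can also be scripted from an elevated PowerShell prompt, which makes it easier to confirm the certificate is gone once testing is finished. This is an added example, not part of the original article; the file path C:\Temp\PortSwiggerCA.crt and the function names are assumptions.

```powershell
# Added example: manage the Burp root CA in the computer account's
# "Trusted Root Certification Authorities" store. Run elevated.
$CertPath  = 'C:\Temp\PortSwiggerCA.crt'   # hypothetical: wherever the export was saved
$StorePath = 'Cert:\LocalMachine\Root'     # same store the MMC snap-in shows

function Get-BurpRootCa {
    # List PortSwigger certificates currently trusted as machine-wide roots.
    Get-ChildItem -Path $StorePath |
        Where-Object { $_.Subject -like '*PortSwigger*' } |
        Select-Object Subject, Thumbprint, NotAfter
}

function Add-BurpRootCa {
    param([Parameter(Mandatory)][string]$Path)

    # Inspect the file before trusting it, so only the expected CA is imported.
    $cert = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($Path)
    if ($cert.Subject -notlike '*PortSwigger*') {
        throw "Refusing to import unexpected certificate: $($cert.Subject)"
    }
    Write-Host "Importing $($cert.Subject), thumbprint $($cert.Thumbprint)"
    Import-Certificate -FilePath $Path -CertStoreLocation $StorePath | Out-Null
}

function Remove-BurpRootCa {
    # Delete every PortSwigger certificate from the machine root store.
    Get-ChildItem -Path $StorePath |
        Where-Object { $_.Subject -like '*PortSwigger*' } |
        ForEach-Object {
            Write-Host "Removing $($_.Subject), thumbprint $($_.Thumbprint)"
            Remove-Item -Path $_.PSPath
        }
}

# Before testing: import the certificate and confirm it is present.
Add-BurpRootCa -Path $CertPath
Get-BurpRootCa

# After testing: remove it and confirm the store no longer lists it.
# Remove-BurpRootCa
# Get-BurpRootCa
```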

You should be able to see the response headers as shown in the figure below.

By default, the certificate presented by Burp Proxy is not trusted by your computer, since your machine doesn't contain the root CA certificate in its trust store. For the machine to accept SSL connections with Burp without throwing SSL errors, we need to add Burp's root CA certificate. So, we have added Burp's root CA certificate to the computer's trust store. The machine is now aware of the certificate presented by Burp, and it should accept the connections without throwing any errors.

Conclusion

In this article, we have discussed how to intercept HTTP/HTTPS traffic of UWP apps on Windows Desktop.

Srinivas

Srinivas is an Information Security professional with 4 years of industry experience in Web, Mobile and Infrastructure Penetration Testing. He is currently a security researcher at Infosec Institute Inc. He holds Offensive Security Certified Professional (OSCP) Certification. He blogs at www.androidpentesting.com. Email: srini0x00@gmail.com