Pinned topic Android native application
Answered question This question has been answered.
Unanswered question This question has not been answered yet.
Is there any way where we can route the android native app traffic(i mean native app as an application which connects to the internet i.e not browser based) through appscan standard and capture the flow thru the app via manual explore.
Updated on 2012-10-02T00:45:36Z at 2012-10-02T00:45:36Z by dd4ff
bbrazeau 2700013NU6148 Posts
Re: Android native application2012-10-01T14:51:35ZThis is the accepted answer. This is the accepted answer.Hi,
If you can change/set the proxy traffic from the android application, you should be able to capture the traffic generated by the application in AppScan Standard.
An example of this is listed in the below technote. Simply follow the instructions for configuring the proxy manually:
dd4ff 060001HP6510 Posts
Re: Android native application2012-10-02T00:45:36ZThis is the accepted answer. This is the accepted answer.
- bbrazeau 2700013NU6
There's one extra piece beyond what BBrazeau said. The AppScan proxy listens only on loopback/localhost. So you need a piece to go between your Android and the AppScan proxy to expose the AppScan proxy on an externally accessible (not loopback/localhost) IP address.
I use rinetd (http://www.boutell.com/rinetd/) for this.
Then point your Android at this rinetd ip/port and your rinetd at the AppScan proxy port on 127.0.0.1.
Keep in mind that AppScan probably only listens to the localhost for legitimate security reasons (there is no login on this proxy), so be careful doing this.
Hope this helps.