Topic
2 replies Latest Post - ‏2012-10-02T00:45:36Z by dd4ff
SystemAdmin
SystemAdmin
403 Posts
ACCEPTED ANSWER

Pinned topic Android native application

‏2012-10-01T13:38:17Z |
Is there any way where we can route the android native app traffic(i mean native app as an application which connects to the internet i.e not browser based) through appscan standard and capture the flow thru the app via manual explore.
Updated on 2012-10-02T00:45:36Z at 2012-10-02T00:45:36Z by dd4ff
  • bbrazeau
    bbrazeau
    148 Posts
    ACCEPTED ANSWER

    Re: Android native application

    ‏2012-10-01T14:51:35Z  in response to SystemAdmin
    Hi,

    If you can change/set the proxy traffic from the android application, you should be able to capture the traffic generated by the application in AppScan Standard.

    An example of this is listed in the below technote. Simply follow the instructions for configuring the proxy manually:
    http://www-01.ibm.com/support/docview.wss?uid=swg21287443

    -B
    • dd4ff
      dd4ff
      5 Posts
      ACCEPTED ANSWER

      Re: Android native application

      ‏2012-10-02T00:45:36Z  in response to bbrazeau
      Hi,

      There's one extra piece beyond what BBrazeau said. The AppScan proxy listens only on loopback/localhost. So you need a piece to go between your Android and the AppScan proxy to expose the AppScan proxy on an externally accessible (not loopback/localhost) IP address.

      I use rinetd (http://www.boutell.com/rinetd/) for this.

      Then point your Android at this rinetd ip/port and your rinetd at the AppScan proxy port on 127.0.0.1.

      Keep in mind that AppScan probably only listens to the localhost for legitimate security reasons (there is no login on this proxy), so be careful doing this.

      Hope this helps.

      Dan