🚀New Media Injection Widget for Genymotion SaaS!
Sign in
Sign in

How to connect Burp Suite to Genymotion

Prerequisites

Step 1 – Setting up Burp Suite

  1. In Burp Suite, go to the Proxy tab.
  2. Click on Proxy Settings

Here, we will choose to listen to port 8080 from all interfaces:

Burp Suite Proxy Settings window.
  • Click import/export CA certificate > Export > Certificate in DER format
  • Choose a path and name it anything with a .der extension
  • Click Next

We will use the name Burp_cert.der as an example for this tutorial.

Step 2 – Upload and install the Burp Suite Certificate

Method 1: As a user certificate

To intercept basic traffic, such as simple HTTP, you will just need to add the certificate in the user certificate store:

  1. Start your device.
  2. Drag’n drop the Burp_cert.der file you generated to the device display.
  3. Go to Android Settings and search install a certificate. In the results, click Install certificates from SD Card and select CA certificate. Click install anyway to bypass the warning.
  4. Navigate to /sdcard/Download and click on Burp_cert.der.
  5. If you are using Android 9 or below, you may be requested to set a secure lock screen. Comply and set a lock.
  6. To verify whether the certificate is properly installed, go to Android settings, search and click Trusted credentials. You should see the certificate in the USER tab:

Method 2: As a system CA certificate

If you need to intercept more traffic, especially SSL (HTTPS), you will need to install the certificate as a certified CA system certificate, in the root store.

This method alters the Android system significantly and may irremediably break the device. Use with extreme care and only when necessary!

A. Connect the device to ADB

If you are using Genymotion Desktop, you can skip this step as ADB will automatically be connected to the first running local virtual device. For Genymotion SaaS and Genymotion PaaS, please refer to the following documentation:

B. Install the certificate

The method will differ depending on the Android image of your virtual device:

1. Root the device

Android 14+ images are not rooted by default, so make sure that the device is rooted before going any further. Please refer to Genymotion on-line documentation for instructions.

2. Install Magisk

Follow the instructions from our FAQ to install Magisk: How to install Magisk on Genymotion?

3. Install the certificate as user certificate

Follow the instructions from the previous chapter: “Method 1: As a user certificate”

4. Install the Cert-Fixer plugin for Magisk

  1. Download Cert-Fixer.zip from Cert-Fixer github repository.
  2. Upload the file to the device. You can either use adb push Cert-Fixer.zip /sdcard/Download or simply drag’n drop the file to the device display.
  3. Open Magisk and go to the Plugins section.
  4. Click “Install from storage” and select Cert-Fixer.zip from the Download folder (/sdcard/Download)
    Magisk plugin window with "Install from storage" button.
  5. Wait for the plugin to install. When done, click “Reboot” to reboot the device.
    Magisk plugin installation log window.

After a reboot, the Burp Suite CA certificate (“PortSwigger CA”) should now be installed as a system certificate:
Trusted credentials window showing the Burp Suite CA certificate

The Cert-Fixer plugin will copy any user certificate as system certificate on boot. If you don’t need to install any other system certificates, make sure to disable the plugin to avoid installing system certificates by mistake.

1. Root the device

Android 12 & 13 images are not rooted by default, so make sure that the device is rooted before going any further. Please refer to Genymotion on-line documentation for detailed instructions.

2. Convert the certificate

We need to convert the Burp certificate into PEM format. Use openssl to convert DER to PEM, then output the subject_hash_old:

openssl x509 -inform DER -in Burp_cert.der -out Burp_cert.pem # Convert DER certificate to PEM
openssl x509 -inform PEM -subject_hash_old -in Burp_cert.pem | head -1 # Display subject_hash_old

Then, rename the file with the output hash from the last command. For example, if the hash is 9a5ba575, then rename the file as 9a5ba575.0:

mv Burp_cert.pem 9a5ba575.0

3. Install the certificate

First, we need to make the /system partition writeable:

adb root # switch to root
adb shell 'mount -o rw,remount /' # remount the system with write permission
adb push <cert>.0 /system/etc/security/cacerts/ # upload the certificate
adb shell chmod 644 /system/etc/security/cacerts/<cert>.0 # Change the certificate permissions

For example, with the 9a5ba575.0 certificate:

adb rootnadb shell 'mount -o rw,remount /'
adb push 9a5ba575.0 /system/etc/security/cacerts/
adb shell chmod 644 /system/etc/security/cacerts/9a5ba575.0

Reboot the device.

After the device has rebooted, browsing to Settings -> Security -> Trusted Credentials should show the new “Portswigger CA” as a system trusted CA:
Android system window showing trusted credentials with System certificates.

1. Root the device

Android 10 & 11 images are not rooted by default, so make sure that the device is rooted before going any further. Please refer to Genymotion on-line documentation for detailed instructions.

2. Convert the certificate

We need to convert the Burp certificate into PEM format. Use openssl to convert DER to PEM, then output the subject_hash_old:

openssl x509 -inform DER -in Burp_cert.der -out Burp_cert.pem # Convert DER certificate to PEM
openssl x509 -inform PEM -subject_hash_old -in Burp_cert.pem | head -1 # Display subject_hash_old

Then, rename the file with the output hash from the last command. For example, if the hash is 9a5ba575, then rename the file as 9a5ba575.0:

mv Burp_cert.pem 9a5ba575.0

2. Install the certificate

First, we need to make the /system partition writeable:

adb root # switch to root user
adb remount # remount the system with write permission
adb push <cert>.0 /system/etc/security/cacerts/ # upload the certificate
adb shell chmod 644 /system/etc/security/cacerts/<cert>.0 # Change the certificate permissions

For example, with the 9a5ba575.0 certificate:

adb root
adb remount
adb push 9a5ba575.0 /system/etc/security/cacerts/
adb shell chmod 644 /system/etc/security/cacerts/9a5ba575.0

Reboot the device.

After the device has rebooted, browsing to Settings -> Security -> Trusted Credentials should show the new “Portswigger CA” as a system trusted CA:
Android system settings window showing trusted credentials with system certificates.

Step 3 – Set Android global proxy to Burp Suite proxy

Though it is possible to use Android settings, we recommend using ADB command line tool which is more reliable and easier to handle. To set the global proxy, use the following adb command:

adb shell settings put global http_proxy <burp_proxy_ip>:<burp_listening_port>

<burp_proxy_ip> is the IP of the host machine where Burp Suite is running, <burp_listening_port> is Burp Suite Listening port.

For example, if Burp is running on a host machine with IP 92.68.1.84 and is listening to port 8080, then the command should look like:

adb shell settings put global http_proxy 92.68.1.84:8080

From then, Internet traffic should be redirected to Burp Suite.

Though this setting is global, applications may have their own proxy settings which cannot be controlled this way. The only solution in this case is to use a third party Android application, such as ProxyDroid, to redirect all trafic from the device to Burp Suite proxy.

Disable global proxy

If the proxy is still set after stopping the device, Wifi may be disabled the next time you start the device. To avoid this, make sure to unset the global proxy before stopping the device.

Use the following ADB command to unset the proxy:

adb shell settings put global http_proxy :0

About Genymotion Desktop (local setup only)

If Genymotion Desktop and Burp Suite run on the same host computer, you can use the following configuration for the proxy in the virtual device.

With VirtualBox (Windows)

You can use the IP address 10.0.3.2 from the virtual device to reach Burp Suite; IP 10.0.3.2 is a VirtualBox alias to your host loopback interface (i.e., 127.0.0.1 on your host machine).

So, if Burp Suite listens to 127.0.0.1:8080, it can be accessed from the virtual device using the IP 10.0.3.2:8080. All you need is to set Android global proxy to this address and port:

adb shell settings put global http_proxy 10.0.3.2:8080

With QEMU (Linux/Mac)

Unlike VirtualBox, there is no loopback interface when using QEMU. However, it is possible to use adb reverse to bind a virtual device local port to a host local port.

First set Android global proxy to localhost:3333 (or any other available port):

adb shell settings put global http_proxy localhost:3333

If Burp Suite listens to *:8080, we then need to use:

adb reverse tcp:3333 tcp:8080

In this example, this will bind the virtual device local TCP port 3333 to your host machine local TCP port 8080.

Scroll to Top

Select Product Portal

SaaS Platform

Access to our SaaS solution and use virtual machines in the cloud on any web browsers.

sign in saas

Or

Or

Desktop Platform

Access to manage your Genymotion Desktop licenses, your invoices and account information.

sign in desktop

How to get a quote for multiple Business Licenses?

  1. You need a Genymotion Desktop account. If you haven’t one yet, you can create it here.
  2. After creation and activation, or if you already have an account, follow this link.
  3. Add the number of desired licenses to your shopping cart and click “Continue to Billing”
  4. Add a shipping address, or select one if you already created one.
  5.  In the next page, click “Get a quote”:
    Payment details
  6. A quote will be automatically generated in PDF format.

Genymotion Device Image for Cloud providers
- Private Offer -

Genymotion Self-hosted (on-premises)
- Contact Us -

Genymotion SaaS
- Increase Maximum Simultaneous devices -

Genymotion SaaS Enterprise Plan
- Get a Quote -

Genymotion SaaS Premium Plan
- Get a Quote -

Personal Use - Free

Genymotion Desktop for personal use is not suitable for trial or POC: you will not get any assistance and some features will be disabled. If you have already selected “personal use” and wish to get a trial license, please contact our Sales at [email protected].

Technical support is not available with Genymotion Desktop free edition for personal use. For more details, please refer to Genymotion conditions of use (Personal Use).

The following features are not available in personal use mode:

  • Latest available Android version
  • Quick boot
  • Camera and Media injection widgets
  • Network profiles
  • gmtool full commands
  • GPS route simulation

Follow these steps to get Genymotion Desktop and activate personal use mode:

  1. Go to the Download page and get the latest version for your system.
  2. Follow the instructions from Genymotion Desktop quickstart guide to install Genymotion Desktop.
  3. Launch Genymotion and click CREATE to create an account. You should receive an activation email within an hour. If not, make sure to check your spam.
  4. After activating your account, return to Genymotion and log in with your credentials.
  5. Select personal use when prompted.
  6. Read Genymotion Desktop quickstart guide carefully to setup Genymotion for your needs.

Contact Sales
- Premium Plan -

Select a Cloud provider Marketplace