GenieMD Broken SSL

Summary

The GenieMD Android app sends login credentials over HTTPS without validating the server's SSL certificate, so anyone who can intercept the connection can read them.

What You Need

After completing the previous project, you should have these things working:

Adjusting Android Networking to Bypass the Proxy

From the Android home screen, click the circle at the bottom center.

Drag the screen to the left to see the second page of apps.

Click Settings.

In Settings, click Wi-Fi.

Click and hold WiredSSID until a box pops up.

Click on "Modify network".

Check the "Show advanced options" box and select None from the Proxy Settings menu.

Then click Save.

Installing the GenieMD Android App

In Genymotion, in Google Play, install this app:

If you don't have Google Play, or you prefer to use an old version, download the APK file from the link below, and drag it onto the Genymotion Android device:

com.geniemd.geniemd-1.apk

The app asks you to enter personal medical data.

It hasn't been updated since last year:

Adjusting Android Networking to Use the Burp Proxy

From the Android home screen, click the circle at the bottom center.

Drag the screen to the left to see the second page of apps.

Click Settings.

In Settings, click Wi-Fi.

Click and hold WiredSSID until a box pops up.

Click on "Modify network".

Check the "Show advanced options" box and select Manual from the Proxy Settings menu.

Enter your host machine's IP address in the "Proxy hostname" field, and 8080 in the "Proxy port" field, as shown below.

Then click Save.

Observing the HTTPS Traffic

Log in with test credentials:

Harvest them from Burp:

This is not a security problem by itself: Burp can only decrypt this traffic because you installed the PortSwigger CA certificate in the previous project, so your Android device has been told to trust the certificates Burp forges.

Removing the PortSwigger Certificate

From the Android home screen, click the Circle. Click Settings.

Scroll down and click Security.

Scroll to the bottom and click "Clear credentials". This removes every user-installed certificate from the device, including the PortSwigger CA.

Click OK.

Testing HTTPS Connections

From the Android home screen, click the blue Earth icon in the lower right corner, to open the browser.

Open google.com.

You should see an error message, as shown below.

The device no longer trusts Burp's CA, so every HTTPS connection that passes through the proxy is rejected, which is the correct behavior. A properly written app will fail the same way until you reinstall the certificate.

Logging In Again

Log in with test credentials:

Harvest them from Burp:

This is a big problem: the app accepted a certificate the device does not trust, so an attacker on the network path can perform the same MITM attack and capture the credentials.
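What the app does wrong can be reproduced in a few lines of client code. The example below is added here; it is not GenieMD's code (the page does not show the app's source) but the common Java/Android pattern that produces exactly this behavior, beside the hardened form. The class name TlsCheck, the method names and the default URL are made up for illustration.

```java
import java.io.IOException;
import java.net.URL;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

// Added example, not GenieMD code: the trust-all pattern beside the default,
// validating configuration. Names are chosen here for illustration.
public class TlsCheck {

    // Vulnerable: accept any certificate chain and any hostname. An app built
    // this way keeps talking to Burp after the PortSwigger CA is removed,
    // which is the behavior observed in this project.
    static HttpsURLConnection openInsecure(URL url) throws Exception {
        TrustManager[] trustAll = {
            new X509TrustManager() {
                public void checkClientTrusted(X509Certificate[] chain, String authType) { }
                public void checkServerTrusted(X509Certificate[] chain, String authType) { }
                public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; }
            }
        };
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, trustAll, new SecureRandom());
        HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
        conn.setSSLSocketFactory(ctx.getSocketFactory());
        conn.setHostnameVerifier(new HostnameVerifier() {
            public boolean verify(String hostname, SSLSession session) { return true; }
        });
        return conn;
    }

    // Hardened: keep the platform defaults. The default SSLSocketFactory checks
    // the chain against the system trust store and the default HostnameVerifier
    // checks the name, so a forged Burp certificate fails the handshake unless
    // the Burp CA has deliberately been installed.
    static HttpsURLConnection openSecure(URL url) throws IOException {
        return (HttpsURLConnection) url.openConnection();
    }

    // Returns the HTTP status, or -1 if the TLS handshake was rejected.
    static int probe(HttpsURLConnection conn) throws IOException {
        try {
            conn.setRequestMethod("GET");
            return conn.getResponseCode();
        } catch (SSLException e) {
            System.out.println("  TLS rejected: " + e.getMessage());
            return -1;
        } finally {
            conn.disconnect();
        }
    }

    public static void main(String[] args) throws Exception {
        // Any HTTPS URL; route it through Burp with -Dhttps.proxyHost/-Dhttps.proxyPort.
        URL url = new URL(args.length > 0 ? args[0] : "https://www.google.com/");
        System.out.println("default validation:");
        System.out.println("  status " + probe(openSecure(url)));
        System.out.println("trust-all validation:");
        System.out.println("  status " + probe(openInsecure(url)));
    }
}
```

Run it through Burp with `java -Dhttps.proxyHost=<host IP> -Dhttps.proxyPort=8080 TlsCheck https://www.google.com/` and no Burp CA in the Java trust store: the default-validation probe fails the handshake and returns -1, the trust-all probe returns a normal status and its request shows up in Burp. That is the same distinction this project demonstrates with the browser and the app, and any app whose login still appears in Burp after "Clear credentials" is doing something equivalent to openInsecure. The fix is to delete the custom TrustManager and HostnameVerifier and rely on the defaults; on Android 7 and later a Network Security Config can additionally pin the server's certificate so that even a CA the user installs cannot intercept the app.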


Posted 6-18-15 by Sam Bowne
Revised to remove iOS test of a different app 7-12-15
Revised 3-29-16; GenieMD is still vulnerable, but the download image changed. Added local copy.