Burpsuite Plugin to decrypt AES Encrypted visitors on the fly.
- Burpsuite 1.7.36
- Windows 10
- xubuntu 18.04
- Kali Linux 2018
What it does
- The IProxyListener decrypt requests and encrypt responses, and an IHttpListener than encrypt requests and decrypt responses.
- Burp sees the decrypted visitors, together with Repeater, Intruder and Scanner, however the consumer/cell app and server see the encrypted model.
NOTE: Currently help
How it really works
- Require AES Encryption Key (Can be obtained by utilizing frida script or reversing cell app)
- Require AES Encryption Initialize Vector (Can be obtained by utilizing frida script or reversing cell app)
- Request Parameter (Leave clean in case of entire request physique)
- Response Parameter (Leave clean in case of entire response physique)
- Character Separated with house for obfuscation on request/response (In case of Offuscation)
- URL/Host of goal to decrypt/encrypt request and response
How to Install
Download jar file from Release and add in burpsuite
Getting AES Encryption Key and IV
- First setup frida server on IOS and Android system.
- Launch Application on cell system.
- Run this frida script in your host machine to get AES Encryption Key and IV.
- Provide SecretSpecKey below
- Procide IV below
- Provide Host/URL to filter request and response for encryption and decryption
Start AES Killer