Hi, 
Guest
Pic
Sign In

websecurity@lists.webappsec.org

The Web Security Mailing List

View all threads

Re: [WEB SECURITY] Blackberry apps security assessment

AS
Andreas Schmidt
Tue, Dec 18, 2012 7:57 AM

Hi Chintan,

you don't have to run your app on linux. All you have to do is to
configure your Blackberry to use the linux system on which WATOBO is
running as its default gateway. When you use WATOBO in transparent mode
you don't even have to change the proxy settings of your Blackberry.

You will find a detailed how-to here
http://siberas.blogspot.de/2012/08/watobo-099-supports-transparent-mode.html

Regards,
Andy

Am 18.12.2012 03:52, schrieb Chintan Dave:

Hi Andreas, the version of Blackberry JDE the app is being built on -
I don't think it comes with support for simulators for Linux platform.
However, I'll still check if I can port it to Linux.

None the less, i'd still love to check your proxy out. Thanks for
bringing it to my notice. I'll let you know should I need any further
help.

Thanks,
Chintan

On Mon, Dec 17, 2012 at 12:44 PM, Andreas Schmidt
<webappsec@siberas.de mailto:webappsec@siberas.de> wrote:

 Hi Chintan,

 I don't now how to do it with burp, but you could try it with
 WATOBO which supports transparent proxy mode (on linux).
 You find a brief description here
 http://siberas.blogspot.de/2012/08/watobo-099-supports-transparent-mode.html

 regards,
 andy

 PS:"I'm the author of WATOBO, so if you run into problems please
 contact me"


 Am 16.12.2012 07:48, schrieb Chintan Dave:

 Hi,

 I am trying to route a blackberry app via burp. 
 I did some quick research and found that updating
 rimpublic.property file of MDS will do the job.

 I included appropriate config details under HTTPHandler and
 pointed it the ip on which my burp is running. However, the
 traffic from the simulator is still not getting routed via burp.
 The app is unable to connect to the server. 

 So its not bypassing the proxy, but is not hitting burp either.

 Is anyone aware of any other method of routing the http traffic
 via proxy?

 Any help on this matter will be much appreciated.

 PS: HTTPS is disabled to ensure that everything uses HTTP.



 -- 
 Regards,
 Chintan Dave


 _______________________________________________
 The Web Security Mailing List

 WebSecurity RSS Feed
 http://www.webappsec.org/rss/websecurity.rss

 Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA

 WASC on Twitter
 http://twitter.com/wascupdates

 websecurity@lists.webappsec.org <mailto:websecurity@lists.webappsec.org>
 http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org

--
Regards,
Chintan Dave,

LinkedIn: http://in.linkedin.com/in/chintandave
Blog:http://www.chintandave.com

Hi Chintan, you don't have to run your app on linux. All you have to do is to configure your Blackberry to use the linux system on which WATOBO is running as its default gateway. When you use WATOBO in transparent mode you don't even have to change the proxy settings of your Blackberry. You will find a detailed how-to here http://siberas.blogspot.de/2012/08/watobo-099-supports-transparent-mode.html Regards, Andy Am 18.12.2012 03:52, schrieb Chintan Dave: > Hi Andreas, the version of Blackberry JDE the app is being built on - > I don't think it comes with support for simulators for Linux platform. > However, I'll still check if I can port it to Linux. > > None the less, i'd still love to check your proxy out. Thanks for > bringing it to my notice. I'll let you know should I need any further > help. > > Thanks, > Chintan > > > On Mon, Dec 17, 2012 at 12:44 PM, Andreas Schmidt > <webappsec@siberas.de <mailto:webappsec@siberas.de>> wrote: > > Hi Chintan, > > I don't now how to do it with burp, but you could try it with > WATOBO which supports transparent proxy mode (on linux). > You find a brief description here > http://siberas.blogspot.de/2012/08/watobo-099-supports-transparent-mode.html > > regards, > andy > > PS:"I'm the author of WATOBO, so if you run into problems please > contact me" > > > Am 16.12.2012 07:48, schrieb Chintan Dave: >> Hi, >> >> I am trying to route a blackberry app via burp. >> I did some quick research and found that updating >> rimpublic.property file of MDS will do the job. >> >> I included appropriate config details under HTTPHandler and >> pointed it the ip on which my burp is running. However, the >> traffic from the simulator is still not getting routed via burp. >> The app is unable to connect to the server. >> >> So its not bypassing the proxy, but is not hitting burp either. >> >> Is anyone aware of any other method of routing the http traffic >> via proxy? >> >> Any help on this matter will be much appreciated. >> >> PS: HTTPS is disabled to ensure that everything uses HTTP. >> >> >> >> -- >> Regards, >> Chintan Dave >> >> >> _______________________________________________ >> The Web Security Mailing List >> >> WebSecurity RSS Feed >> http://www.webappsec.org/rss/websecurity.rss >> >> Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA >> >> WASC on Twitter >> http://twitter.com/wascupdates >> >> websecurity@lists.webappsec.org <mailto:websecurity@lists.webappsec.org> >> http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org > > > > > -- > Regards, > Chintan Dave, > > LinkedIn: http://in.linkedin.com/in/chintandave > Blog:http://www.chintandave.com
Empathy v1.0   2024 ©Harmonylists.com