You are troubleshooting a web application and want to see the data being sent. You think you can’t because it is encrypted with SSL. You totally can bro/bro-dette. You to-tal-ly can.
Download Burp (the free edition is fine)
Using Chrome, install zx2c4’s quick and dirty proxy flipper
When you run the Burp jar file, it will launch the GUI along with a proxy running on port 8080. It will also create its own self-signed certificate (you will see it later as “PortSwigger CA”). Obviously this certificate has not been signed by any actual authority, so your browser will not trust it, and that will create issues for you. We are going to get around this problem by essentially telling OS X to “TRUST” this self-signed certificate.
Enable Quick And Dirty Proxy Flipper
Select the http://localhost:8080 radio button
With Burp running, access google.com using Chrome. You should get the following screen.
Let me explain what is happening. You are using Chrome to access the web site google.com. Because you enabled zx2c4’s quick and dirty proxy flipper, the Chrome extension is proxying the request through Burp. Burp is then using its self-signed certificate, in place of Google’s real one, to encrypt the data between itself and your browser. At this point, your Chrome browser is freaking out because that certificate is not signed by any authority it trusts, so it doesn’t know who the heck is on the other end. It thinks you are a regular old l33t h@x0r or something. Here is how to fix it.
Click the lock icon with the red (x)
Click the “certificate information” link
Click on the PortSwigger CA line
Click and Drag the Gold Certificate icon to your desktop
(Image of certificate on your desktop)
Double click on the .cer file that you dragged to your desktop. This will open a popup window. Make sure that “System” is set in the dropdown, then click the Add button
Type in your System password (you may have to do this several times)
Click “Always Trust” (you may have to enter your system level password)
You should see the following line in the Keychain Access application. The blue plus denotes that you selected to “Trust” the certificate.
Close Chrome, open Chrome, and try accessing google.com again. Success
Now if you go back to Burp, you can click on the Proxy->History tab and see the traffic
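To see why Chrome rejected the connection before the keychain step and accepts it after, here is an added example (not part of the original post) that reproduces the trust decision offline with the `openssl` command-line tool. The CA name “Demo Proxy CA”, the host `www.example.test` and all function names are constructed stand-ins; the check covers chain trust only, not hostname matching.

```shell
#!/bin/sh
# Added example. "Demo Proxy CA" is a constructed stand-in for Burp's
# PortSwigger CA; nothing here touches the keychain or the network.

make_demo_pki() {   # $1 = work dir; writes ca.pem and leaf.pem there
  # Self-signed CA, like the one Burp generates for itself.
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
    -subj "/CN=Demo Proxy CA" \
    -keyout "$1/ca.key" -out "$1/ca.pem" 2>/dev/null
  # Per-site certificate signed by that CA, as the proxy hands to the browser.
  openssl req -newkey rsa:2048 -nodes -subj "/CN=www.example.test" \
    -keyout "$1/leaf.key" -out "$1/leaf.csr" 2>/dev/null
  openssl x509 -req -in "$1/leaf.csr" -days 1 \
    -CA "$1/ca.pem" -CAkey "$1/ca.key" -CAcreateserial \
    -out "$1/leaf.pem" 2>/dev/null
}

issuer_line() {     # what the "certificate information" view reports as issuer
  openssl x509 -in "$1" -noout -issuer
}

trusted() {         # $1 = cert to check, $2 = optional extra trust anchor (PEM)
  if [ -n "${2:-}" ]; then
    openssl verify -CAfile "$2" "$1" 2>/dev/null | grep -q ': OK$'
  else
    # Default trust store only: the freshly made CA cannot be in it.
    openssl verify "$1" 2>/dev/null | grep -q ': OK$'
  fi
}

demo() {
  d=$(mktemp -d) || return 1
  make_demo_pki "$d" || return 1
  issuer_line "$d/leaf.pem"
  if trusted "$d/leaf.pem"; then echo "before: trusted"
  else echo "before: rejected (issuer not trusted)"; fi
  if trusted "$d/leaf.pem" "$d/ca.pem"; then echo "after adding CA: trusted"
  else echo "after adding CA: rejected"; fi
  rm -rf "$d"
}
demo
```

In the real setup the stand-in CA corresponds to the PortSwigger CA entry you added to the System keychain. Deleting that entry in Keychain Access when you finish troubleshooting puts Chrome back to rejecting certificates signed by Burp.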