Adding Root Certificate to Android With Magisk Module

Serhat ÇİÇEK
Published in InfoSec Write-ups
Sep 20, 2022

Android Pentesting

To perform dynamic penetration tests on Android applications, we need to bypass the SSL pinning security measure. To circumvent this measure, the Burp Suite certificate has to be added to the root certificates on the Android system.

Installing a root certificate on a rooted Android device with Magisk is very easy. The process consists of several steps.

Exporting the Burp Suite certificate

In Burp Suite, go to the “Options” tab and click the “Import / export CA certificate” button.

Export certificate

After exporting the certificate in “.der” format, we need to perform a few more steps.

Create an X.509 certificate from the “.der” file:

openssl x509 -inform DER -in cacert.der -out cacert.pem

Create X.509 with openssl

After creating the PEM file, calculate the hash value of the X.509 (PEM) file:

openssl x509 -inform PEM -subject_hash_old -in cacert.pem |head -1

Calculating hash

Create a file named after this output value with the extension “.0”, and write the contents of the PEM file into this “.0” file.

Creating “.0”

Important: Your hash value and certificate may differ from the images above.

Creating Magisk Module

The information from this GitHub repo is needed to create the Magisk module. The structure of the generated module should be like this.

Magisk module structure

The “.0” file created above should be moved to the “/system/etc/security/cacerts” directory of the module. The module.prop file in the main directory contains information about the module.

module.prop file

The contents of this file can be changed.

The contents of the /META-INF/com/google/android/update-binary file should be as follows.

Installing Magisk Module

After these operations, the Magisk module has to be installed. First, the module files must be archived in zip format.

Create the zip file from the contents of the main directory: when the zip file is opened, module.prop, META-INF and system should be visible directly at the top level.

After creating the zip file, we can install the module we created via Magisk.
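
Before flashing, the archive layout described above can be checked offline. The following is an added example, not code from the original article or from Magisk: it verifies that module.prop, META-INF and system sit at the zip root, that the certificate file is named <hash>.0, and that it holds PEM text rather than the raw “.der” export. The function names, the sample module id and the hash 9a5ba575 are assumptions made up for the illustration.

```python
import io
import re
import zipfile

# Paths the article names, relative to the zip root.
REQUIRED = ("module.prop", "META-INF/com/google/android/update-binary")
CERT_RE = re.compile(r"^system/etc/security/cacerts/([0-9a-f]{8})\.0$")
PEM_HEADER = b"-----BEGIN CERTIFICATE-----"


def check_module_zip(data: bytes) -> list:
    """Return a list of problems found in a module zip (empty list = layout OK)."""
    problems = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        names = [n for n in zf.namelist() if not n.endswith("/")]
        # Common mistake: the main directory itself was zipped, so every
        # entry sits under one extra top-level folder.
        tops = {n.split("/", 1)[0] for n in names}
        if len(tops) == 1 and "module.prop" not in names:
            problems.append(f"everything is nested under '{tops.pop()}/'")
            return problems
        for path in REQUIRED:
            if path not in names:
                problems.append(f"missing {path}")
        certs = [n for n in names if CERT_RE.match(n)]
        if not certs:
            problems.append("no <hash>.0 file under system/etc/security/cacerts")
        for name in certs:
            # The .0 file must hold the PEM text, not the raw .der export.
            if not zf.read(name).lstrip().startswith(PEM_HEADER):
                problems.append(f"{name} is not PEM encoded")
    return problems


def build_sample(prefix: str = "", cert: bytes = PEM_HEADER + b"\n...\n") -> bytes:
    """Constructed sample zip; file contents and the hash 9a5ba575 are made up."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(prefix + "module.prop", "id=burpcert\n")
        zf.writestr(prefix + "META-INF/com/google/android/update-binary", "# placeholder\n")
        zf.writestr(prefix + "system/etc/security/cacerts/9a5ba575.0", cert)
    return buf.getvalue()


if __name__ == "__main__":
    print(check_module_zip(build_sample()))                 # correct layout
    print(check_module_zip(build_sample("burp-module/")))   # parent folder zipped
    print(check_module_zip(build_sample(cert=b"\x30\x82\x03\x00")))  # DER content
```

To check a real archive, pass its bytes, for example check_module_zip(open("module.zip", "rb").read()).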
