Sniffing an Android app to find API URL

Question

I\'m curious as to how I could figure out the API URL an Android application (any app I have installed) uses if it makes API calls to some online server (a RESTful service f

Answer 1

Download Android +6.0 image for PC from this site: https://www.android-x86.org/.

For example: https://www.android-x86.org/releases/releasenote-6-0-r3.html

Make sure that your app works with this Android version -- you can check the minimum Android version on Google Play store --, and don't take a too high number for the Andriod version: the higher the number, the more security constraints is has.

Install VirtualBox, mount the ISO image, boot Android, and install the app through Google Play.

Now you have two options:

1. If traffic is unencrypted, you can log all NIC traffic to a text file. e.g. VBoxManage modifyvm "vm-name" --nictrace1 on --nictracefile1 c:\file.pcap (cf. here)

2. If traffic is encrypted, you can use a man-in-the-middle approach. An app that allows this is HttpCanary. It will make an VPN connection and redirect your traffic through that VPN. It decrypts and works well, but take care with your private data.