
Recently, I was trying to test and intercept traffic from an app developed on Rhomobile. I set up a proxy with Burp, and of course I have installed the Burp certificate on my device, hence I can intercept other apps on my device, but I am unable to see the traffic of the app in question in Burp Suite. Instead, the app works fine and connects to the remote server without even an error alert appearing in Burp Suite. In reversing the app I concluded that it is using the HTTPS protocol to connect to the server. Also, typically for apps targeting Android API level 24 and above, a network_security_config.xml should be specified, and in my reversing I created that file and set its location in the manifest file, but to no avail. As other researchers would recommend, I tried to sniff the network traffic of the app with Wireshark by creating a Windows hotspot and connecting my device to the hotspot, and activated traffic capture in Wireshark. I was expecting to sniff the traffic or even determine whether the app is using other protocols, but no traffic from the app appeared! Then these questions popped into my mind; I would be very pleased if you can clear them up.

1. In general, what am I missing? Or where else should I look?

2. Specifically, is an app developed on Rhomobile a proxy-unaware app?

3. If the issue is associated with certificate pinning, typically the alert tab of Burp Suite would have shown it. Why is the app working fine and connecting to the server while other apps leave an error in the alert tab of Burp Suite? If I conclude that it is a proxy-unaware app, how can I finally intercept its traffic?

Any help would be appreciated.

Thanks,

hanan

0 Answers