How to do security testing in WeWork, Starbucks, airports… or any public WiFi

Yes! Being a digital nomad and bug bounty hunter or security engineer is easier than you thought

black and white ceramic mug on brown wooden table

In our fast-paced lives, staying connected is crucial, often leading us to rely on public Wi-Fi networks at places like airports, Starbucks, or WeWork. However, navigating these public networks becomes a challenge when intercepting traffic from a mobile app is necessary, especially if you want to avoid exposing the proxy to the network or the router’s restrictive firewall.

When dealing with public Wi-Fi, wireless client isolation, also known as client-to-client blocking, is commonly employed in locations like coffee shops, airports, and hotels to bolster security. This feature restricts direct communication between devices on the guest network, minimizing the risk of unauthorized access or potential attacks among connected devices.

For those seeking a solution to circumvent challenges posed by a hostile public Wi-Fi or wireless client isolation on their own Wi-Fi, here’s a handy trick:

Execute the following command for port redirection, redirecting traffic from the emulator port 8080 to your localhost machine’s port 8080 (where your web proxy is listening – feel free to modify the port number if needed):

adb reverse tcp:8080 tcp:8080
            ^^^^^^^  ^^^^^^^^
            REMOTE     LOCAL

After that, we just have to use adb to set up the proxy in the emulator to be the proxy localhost port 8080:

adb shell settings put global http_proxy

Now you can get your app traffic in BurpSuite or your favorite web proxy without exposing your traffic to the LAN or without getting blocked by the router 😎

Happy hunting!






Leave a Reply

Your email address will not be published. Required fields are marked *