Configuration - 1ultimat3/BadIntent GitHub Wiki

BadIntent Burp

Make sure Burp is listening on an interface, which is reachable by your Android instance.

BadIntent Android

Preferences View:

Package Filter

This regular expression filter determine which packages are qualified for interception. It is possible to override disabled “Hook System Apps” settings, when a specific system app package name has been specified.

Interface Filter

Since (almost) every binder transaction contains an INTERFACE TOKEN in order to validate that the correct interface is used (AIDL implementation), it is possible to filter interfaces, which are interesting for analysis purposes.

Capture Log

If enabled logs from all monitored apps are sent via the proxy.

Hook System Apps

If enabled, all apps including user- and system-apps are monitored. Otherwise, only user-apps are hooked.

Target IP

Specify the current IP of the Android device. On first launch the current WiFi-IP is set. Target IP is needed, because Burp (or any other proxy) needs to determine where the transaction details are going to.

Use System Proxy

Determine if the system proxy or a dedicated HTTP proxy should be used.

Proxy Host

self explanatory

Proxy Port

self explanatory