Sdorica Origin Capture for iOS

# Sdorica Origin Capture for iOS ###### Author: CancerGary 1. Proxy / Options / Proxy Listeners / Edit or Add ![](https://i.imgur.com/W3cdHbt.png) 2. Binding: port 443, “all interfaces” ![](https://i.imgur.com/gV2WxFd.png) 3. Request handling / open “Support invisible proxying” ![](https://i.imgur.com/kKia2wN.png) 4. Generate CA-signed ![](https://i.imgur.com/1fRj6wn.png) 5. (optional) Export CA to .cer file ![](https://i.imgur.com/BCLY0HP.png) 6. Turn to Proxy / Intercept, close intercept (off) ![](https://i.imgur.com/B2pdEgx.png) 7. Turn to HTTP history. In filter settings, click “show all” ![](https://i.imgur.com/HUqbR7t.png) 8. Connect your iOS device and Burp Suite in the same network, check your ip address. 9. Use your iOS web browser to visit your Burp Suite (yourip:443). It should look like this (in my situation, the computer ip is 192.168.3.16) : ![](https://i.imgur.com/D6bT1S4.png) Click “CA Certificate” and install the profile. If you can’t see this button, you can send certificate to iOS device via email manually and then install it. ![](https://i.imgur.com/W3CxpX3.png) 10. Open Surge. In DNS/Local Mapping, add a new mapping [set domain to “*.rayark.download”, set value to your computer ip address] ![](https://i.imgur.com/kVEQxkL.png) 11. Start Surge VPN, and then open Sdorica ![](https://i.imgur.com/k9u9GAk.png) ![](https://i.imgur.com/G7CZqa2.png) 12. If everything is OK, you can get the origin URL in Burp Suite. ![](https://i.imgur.com/IM78liA.png)