preface
Learning to capture packages is not just a basic skill for a programmer. Anyone testing or planning a career in computing can try to master this basic skill
This article explains how to use Charles to capture packets, and of course you can also choose to use Wireshark, which are the two capture tools I have used and feel quite good (in fact, I have contacted these two 😂).
Here, the packet capture of ios APP is taken as an example. In fact, it is similar on Android. After the configuration of mobile phone capture steps is completed, the capture of MAC can also be successful naturally (taking web pages as an example).
Caught the HTTP
Capturing HTTP packets is relatively simple and consists of three steps:
1. Obtain the IP address of the PC on the route
2. Connect the mobile phone and computer to the same wifi, and set the WIF proxy address on the mobile phone as the IP address of Charles’ computer
3. Enable application packet capture
Get IP
There are many ways to obtain the IP Address. The common way is to open Charles and follow the following figure: help -> Local IP Address
Or directly open the command line, enter the ifconfig or use ifconfig | grep “inet” screen out the IP address (note the use of routing in the IP address)
Set the agent
Connect the mobile phone and computer to the same wifi, and then set the proxy manually. Set the proxy server to the IP address of the PC and port 8888
Charles appears in the following popup window, please click Allow
test
Test and find that the HTTP request content can be caught
At the same time, you will also find that HTTPS requests are indifferent, not moved by our operation, are garbled state, the following introduction to HTTPS request fetching
Caught the HTTPS
If you want to understand how to capture HTTPS packets, you can first understand the principle of HTTPS. I also have two articles on HTTPS and AFNetworking, HTTPS and man-in-the-middle attack. Packet capture can be understood as acting as a middleman
HTTPS packet capture consists of four steps:
1. Handle IP and proxy Settings like HTTP Settings
2. Install the proxy certificate on the MAC terminal and the corresponding description file on the mobile terminal, so that the data can be captured easily (for the verification of HTTPS certificate list, if it is local certificate verification, Charles will fail to capture)
3. Charles set SSL proxy content
4. Capture packets on the HTTPS interface
The certificate is installed on the MAC
Select help -> SSL Proxying -> Save Charles Root Certificate in Charles
If you select this option, a certificate will be generated and placed on the desktop. Double-click to add the certificate to the list
Open the keychain, find it from the certificate list, double-click, and select Always Trust
Install the phone description file
In Charles, select help -> SSL Proxying -> Install Charles Root Certificate on a Mobile Device or Remote Browser
Set up the IP proxy for the first step, then open the browser (Safari), type in the address: chls.pro/ SSL, and jump to download the description file
After setting up the proxy, the following popup window appears, remember allow
After downloading the description file, click Trust in Settings
Capturing the HTTPS Interface
In Charles, select Help -> SSL Proxying -> Proxying Settings
In SSL Proxying, in the left Include column, click Add and set host to *(any host) and port to 443, as shown below
And then it’s done
Crawl MAC web pages
It is similar to the procedure for configuring MOBILE phone HTTPS packet capture, except that the description file is not installed on the mobile phone. In the SSL proxy, host is set to * and port is set to 443
The last
Believe eagle-eyed, children’s shoes have seen some HTTPS requests on his mobile phone did not grab the success, understand the HTTPS principle of children’s shoes I believe I can guess why, in the HTTPS certificate validation rules were screen off, some app or some interface service, used the way such as local certificate validation, this kind of situation is no way to pretend to crack, For example: wechat, nuggets, etc., are not successful capture, I also find a number of apps to capture 😂
Finally, give it a try