The steps for installing Whislte and setting up the basic environment are as follows:
- Install the Node
- Install the whistle
- Start the whistle
- Open the Monitoring page
- Connect the phone
- Fetching HTTPS requests
1. Install Node
Node official website download address:nodejs.org/zh-cn/
Tips:Whistle supports v0.10.0 and later, and it is recommended to install the latest version of Node for better performance.
After installing Node, run the following command to check the Node version:
Command: node -v
Install whistle
On Windows, run the following NPM command to install Whistle.
npm install -g whistle
Copy the code
Tips: NPM default image is in foreign countries, if the installation speed is slow or can not be installed oh degree, can use Taobao image installation:
$ npm install cnpm -g --registry=https://registry.npm.taobao.org
$ cnpm install -g whistle
Copy the code
After executing the command and waiting for installation, let’s see what the console outputs:After installing Whistle, run the following command to check whether Whislte has been successfully installed
Command: Whistle help or w2 start
The global command whistle is equivalent to w2.
If the help information about Whistle can be output, whistle is successfully installed.
If you just want to view the version, please enter the following command to view:
Command: w2 –version
3. Start whistle
Let’s start with common commands:
A) w2 start whislte B) w2 stop whistle C) w2 restart whistleCopy the code
Type w2 start to start whistle and see what it outputs.Now that whistle has started, let’s see how the agent is configured.
4. Open the monitoring interface
First of all, we open the monitoring interface, see IP: port in the figure above. After input, we can see:
5. Connect your mobile phone
Tips:Make sure your phone and computer are on the same wifi.
I’m going to show you how to connect the computer.
Wifi -> Set the proxy to manual, change the server address to computer IP address, and write the port number 8899.
When you get there, you can’t wait to see if you can grab a bag, so why don’t you open up your phone browser, visit any website, and see if you can grab a bag?
If you look closely at the monitoring interface, you will find that only HTTP requests can be captured. Why not HTTPS?
Of course, the answer is no. Now let’s see how to configure to support HTTPS requests.
Fetch HTTPS requests
A) Install the root certificate on the computer
Download the root certificate: Whistle Monitoring screen -> HTTPS -> Download RootCA
Tips:Remember to select Capture TUNNEL CONNECTs.
After downloading the root certificate, click rootca. CRT. The root certificate installation dialog box is displayed.
B) Install the root certificate on the mobile phone
The following shows how to install the root certificate on Android:
①. Scan the qr code of the root certificate on the Whistle monitoring interface by mobile browser, download and install it, or you can input it by browserrootca.proDownload as prompted.
(2) Install the certificate after downloading it.
Tips:Ios installs certificates in a similar way and won’t go into details here.
Now that the HTTPS configuration is complete, we can verify that the HTTPS request can be fetched.
The last
From here, you can use Whistle to catch packets online. The next article will look at how Whistle configures its agents.
If you have any questions about how to capture HTTPS requests, go to wproxy.org/whistle/web…