One, foreword

There are a lot of capture tools on the market. This article will not teach you how to use the capture tool to Crack. That is illegal. This paper uses the packet capture tool to analyze some application interfaces. For example, the tester can use the packet capture tool to quickly determine whether it is the front-end request problem or the back end interface data return wrong; Or, when we release the App to the market and users download/update the App, they give feedback that there are bugs in the App. Although the server can view massive logs, we use the packet capture tool to reproduce the problem according to the user’s problem description, and also locate the problem quickly and find a solution.

Windows has many packet capture tools, such as Fiddler and WirShark. On the Mac side, Charles is better known for supporting three Windows, Linux and Mac versions. Currently, most servers support Https. Therefore, most captured data is ciphertext. How do I obtain plaintext data?

This article will show you how to install Charles, how to broker requests through an intermediary, and how to interact with the server to get plaintext data.

Two, the middle

Intermediators are commonly used in networks to intercept data and manipulate it before sending it, so they can be used as a form of cyber attack. “Game plugin” is the intermediary, it acts as the intermediary between Client/Server, by tampering with the Client to send requests, and then sent to the Server, to deceive the Server to achieve a data tampering effect.

The packet capture tool Charles can act as an intermediary, of course, we are not used to manipulate the data to deceive the server to fake, but to intercept the encrypted data and display it in plain text. However, there are a few points we need to point out (because the middle-of-the-road is not a panacea, it can not be done in all cases, there must be some bugs, we can use this method) :

The Server has Https certificate, but the Client does not, and the Client completely trusts the Server, and the two do not use other data encryption methods, then we can use intermediary to carry out proxy interaction between the two.

The above condition, or data security measures are relatively low, the so-called guard against the gentleman is not against the villain, if you encounter: “the data between the Client and Server is encrypted transmission, then it is difficult to intercept ciphertext”. Data on both ends can be encrypted in various ways, for example, using AES (symmetric encryption), RSA (asymmetric encryption), or private data encryption protocols.

Figure 1 shows the normal interaction between Client and Server, using HTTPS data encryption. Process 2 adds Proxy (intermediary) to achieve data interception through requests and returns between Proxy Client and Server:

  • For clients, the Proxy acts as a Server. The Client sends requests to the Proxy, which then forwards them to the real Server.
  • For the Server, the Proxy is the Client. The Proxy forwards data to the Server, and the Server returns data to the Proxy.

Charles installation

3.1, install,

  1. Go to website www.charlesproxy.com/latest-rele… Download the latest version;
  2. Install it directly, and then go to www.charles.ren/ to obtain the activation registration code (optionally enter the user name to generate the registration code);
  3. Complete the registration activation in the Charles tool.
  4. Start Charles, the software will automatically pop up a dialog box “Whether to complete the configuration automatically according to the system”, select “Yes”.

3.2 SSL Configuration

Choose Proxy > SSL Proxying Settings as shown below:

Add the SSL port proxy as shown below (click the Add button below Location and enter as follows) :

Click OK to complete the setting, as shown below (click OK) :

3.3. Proxy Configuration

Choose “Proxy” -> “Proxy Settings” as shown below:

The configuration is as follows:

3.4. Install the PC certificate

Select “Install Charles Root Certificate”, and there may be a pop-up dialog box after clicking, or there may be no response. In this case, we will go to the Mac system

In the keystring, look for the Charles certificate and set it to full recognition:

Double-click the certificate and select “Always Acknowledge” :

3.5 Installing a Mobile Phone Certificate (using aN iPhone as an example)

Select “Install Charles Root Certificate on a Mobile Device or Remote Browser”, Charles will pop up a dialog box:

Then open the mobile phone “Settings” -> “Wireless LAN” -> select the currently connected WIFI, as shown in the following steps:

Then, open the mobile browser, type “chls.pro/ SSL”, and click “Go” :

The configuration description file is allowed to be downloaded. After downloading, open “Settings” on the mobile phone and proceed as follows:

OK, so far, our Charles, PC certificate, mobile phone certificate have been installed!

3.6 Test packet capture (JINGdong APP as an example)