Use of the packet capture tool Charles

More on iOS&macOS reverse from zero to master

preface

• Package capture is a necessary tool for both forward and reverse development. This article describes the use of the packet capture tool Charles.

The installation

• On the official website, you can download the free trial version or pay for it.

  

• Once the download is complete, the installation process will not be described.

interface

• The interface is as follows: Network request on the left and details on the right, which provides breakpoints, weak networks and other functions
  

  

Grab the weather forecast interface

• We open the website weather.com/zh-CN/weath… To check the weather in Beijing

  

• Check out the bag Charles grabbed

  

For example, if we develop small programs or independent apps, some weather APIS need to be paid, we can find relevant returned data by capturing packages, and then analyze and use these data.

HTTPS garbled characters are abnormal

• Sometimes we see some captured packets are garbled, or unkonwn, that is because HTTPS protocol requires security authentication

  

  

• Security Authentication: Click Help->SSL Proxying->Install Charles Root Certificate

• Then go to the keychain and click trust

• The HTTPS request still cannot be parsed. You need to set SSL Proxying Settings. You can configure a separate URL, but it is best to configure a generic URL for convenience, as shown below
  

  

The HTTPS request can now be parsed normally

Breakpoints modify station B data

• Click Proxy->Enable Breakpoints, or select the Breakpoints icon to Enable Breakpoints

• Right-click BreakPoints

  

• The sample in the title Sour Candy’ is not Guo but Gaga herself!! To reverse column at https://xiaozhuanlan.com/cydia

• Skip the breakpoint, and when you’re done, you can see that it actually changed.

  

• Modification of request parameters

  • Right-click Repeat to request again
  • Right-click Compose to modify the parameters and click Execute to Execute our modified request

Weak network test

• Click Proxy ->Throttle Settings to set the weak network
• We can simulate a weak net for testing
  

  

Catch mobile phone package

• Click: Help->SSL Proxyig ->Install Charless Root Certificate on a Mobile Device or Romete Browser as shown below

  

• Open the WiFi Settings of the phone, configure the proxy to manual, and change the IP and port 192.168.1.6:8888 as suggested by Charles

  

• Open your mobile browser and type CHLS. Pro/SSL

• The Mac is going to pop up and say yes or no, we’re going to say yes

• The mobile phone asks us whether to download the configuration description file, and we choose to allow it

  

• Go to the phone’s General -> About local -> Certificate trust Settings, trust certificate change

• When I checked the phone, I realized that Charles had grabbed the Internet request from the phone

Mapping local Resources

• Open the blog site: ityongzhend.github. IO /, as shown below

  

• Charles captures the packet, finds the URL, and clicks Save Response to Save it locally

  

• Then save the local file in the home page, about etc. Add Eagle

  

• Click Tools -> Map local, enter the URL to be mapped in Host, and select the local file

  

• Refresh the browser to see the data changed, look at the package body is also changed data, as follows

  

More on iOS&macOS reverse from zero to master