Charles HTTPS Grab Bag

First, install Charles, and crack

Version requirements: 3.10 or more, we recommend installing the following versions

Installation package: 32-bit charles-proxy-3.11.5-win32.msi,64 bit charles-proxy-3.11.5-win64.msi

Crack jar Package: Charles.jar, replace Lib/charles.jar. such as: C:\Program Files\charles\lib\charles.jar

4.0.1: Charles-proxy-4.0.1-win64.msi, Jar pack Charles.jar

Second, the mobile phone installation Charles Certificate

1. Open and set HTTP proxy and SSL proxy in Charles, menu ---proxy Setting, set

HTTP proxy settings, note remember that the port number is: 8888

2, proxy settings, Menu, proxy->ssl proxy Setting SSL, set the domain name you want to make SSL proxy

3. Open Charles, open the option Help--SSL proxying, Install Charles Root Certificate on a Mobile Device or Remote Browser, as

4, mobile phone settings agent, hostname (current computer IP), port (8888)

5. Use the mobile browser to open the http://charlesproxy.com/getssl, install the Charles Certificate (ios10.3.1 need to trust the certificate, universal, about the certificate trust settings, such as this machine). The client opens the HTTPS request page, which is no longer garbled.

Install the Charles Certificate link QR code:

Three, the principle

Through the mode of man-in-the-middle attack, using "SSL Certificate spoofing Attack", forged certificate spoofing to obtain the user's request.

Related information:

Http://www.cnblogs.com/gordon0918/p/5237717.html

Mobile Installation Server self-visa book (only for client use)

To download the CERFICATE.CRT, use your phone to bring your own file Manager to open the installation.

Charles HTTPS Grab bag