HTTP (s) request interception with Charles for iphone (grab)

First, prepare the tool

1> Charles (Download the corresponding operating system installation package for installation, this article uses MacOS for demonstration)

2> IPhone (This article uses SE, System version: IOS 10)

Begin

First, let's configure Charles:

Menu: Proxy, proxy Settings., tick Enable transparent HTTP proxying

Proxy, Proxy Settings

Then find your computer's LAN IP address: find it yourself.

Next, open your iphone: Set up WiFi--Wi-Fi on the same router as the computer, click on the right I enter the configuration

Configuration: Pull to the bottom, find

Settings, Wifi--I--HTTP proxy manual

When the configuration is complete here, Charles pops up the prompt box,

The main idea is: someone asked to connect Charles IP is xxx.xxx.xxx.xxx allowed?

Here to pay attention!!! Charles's default option is deny deny, so do not press ENTER!!! Manually select allow!!!

This allows you to crawl your iphone's connection normally.

However, most of Apple's apps are now using more secure HTTPS for data interaction, so we need to crawl HTTPS for further configuration.

Go on

Back to Charles, install the certificate:

Charles Menu: Help, SSL proxying, Install Charles Root Certificate Click to automatically open keychain Access, please enter the computer power-on password

Help, SSL proxying, Install Charles Root Certificate

When you're done, you'll see two certificates:

Two certificates

Double-click the certificate to open the certificate details: Expand Trust when using this certificate: Modify to always trust, close certificate details require a power-on password

Trust-When using this certificate

Two certificates are set to always trust.

Next, install the mobile-side certificate:

Back to Charles, menu: Help, SSL proxying-Install Charles Root Certificate on a Mobile Device or Remote Browser

Help, SSL proxying, Install Charles Root Certificate on a Mobile Device or Remote Browser

Click to pop up a dialog box to the effect: Configure your device to use Charles, certificate: Chls.pro/ssl

Configure a mobile-side certificate

Open Phone Safari, visit: Chls.pro/ssl (if we show the difference, then the address in the prompt is whichever)

Access to this address normally requires a configuration file to be installed. If no request please check if WiFi is set for HTTP proxy (refer to Configuration map: Settings, Wifi---I--HTTP proxy manual).

Mobile Terminal Installation Certificate 1

Click Install:

Mobile Terminal Installation Certificate 2

Many tutorials on the web are over, but returning to Charles will find that the HTTPS request is still not crawling properly. In fact, there is a setup, trust certificate: Open iphone Settings: General---about phone---Pull to bottom certificate trust settings, tick the certificate you just installedTrust Certificate

Okay, back to Charles. Set the final finishing touches:

Menu: Proxy, SSL proxying Settings ...

Proxy--SSL proxying Settings ...

TICK: Enable SSL proxying, click on Add Rule

Domain: After you've configured all of the above, you'll see a lot of requests in Charles, all with the title of the domain name

Domain name: After you've configured all of the above, you'll see many requests in Charles, all with the domain name as the title.

Port: Constant to 443

If you do not need to specify an HTTPS connection (that is, crawl all HTTPS connections), the domain name is filled *.

Configuring SSL proxying

Tips:> WiFi agent, please turn off when you do not need to use it, or it may cause your phone to not connect properly. > If Charles interface is blank

Click menu: File--New Session

File-New Session

And then there's the

With the

Test data: Get QQ weather in QQ

QQ weather is finished.

HTTP (s) request interception with Charles for iphone (grab)