Home > Developer > Mobile Develop

iOS security attack using Charles for network data capture

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

Charles is a common Web Capture tool under MAC systems (Paros is also good), commonly used fiddler under Windows. The genuine Charles is charged (PS: Support Genuine), the Chinese people prefer to crack version of Charles (thank bloggers, good people for a lifetime of peace, please support bloggers).

The main functions are as follows:

    1. Intercepts Http and HTTPS network packets.
    2. Support to re-send network requests, convenient back-end debugging.
    3. Support for modifying network request parameters.
    4. Supports interception and dynamic modification of network requests.
    5. Supports analog slow networks.

After the software is installed:

  

  

The next crawl of the phone software packet needs to be configured: Proxy->proxy settings, port: 8888, tick the Enable transparent HTTP proxying.

  

is the IPhone and the computer under the same LAN, open the system settings, network Proxy settings: Mobile browser access: Http://charlesproxy.com/getssl Install the description file.

  

After setting a successful access to the network, Charles will pop up the box below and click Allow.

  

If you need to intercept information about the HTTPS protocol, you need to install Charles's CA certificate. Select "Help", "SSL proxying", "Install Charles Root Certificate"

  

After the keychain is successfully installed, you will need to enter a user name password to trust the certificate.

If you need to get the HTTPS protocol content on your phone, you'll need to install the certificate on your phone. "Help", "SSL proxying", "Install Charles Root Certificate on a Mobile Device or Remote Browser"

Note that even after the certificate is installed, Charles does not intercept HTTPS network traffic by default, and if you want to intercept all HTTPS network requests on a site, you can right-click on the request and select SSL Proxy.

Next the Mode network:

Simulate a slow network or a high-latency network to test whether the application behaves properly under a mobile network. Charles has provided a good support for this requirement. On the Charles menu, select "Proxy", "throttle Setting", in the dialog box that pops up, we can tick "Enable throttling" and set the type of throttle Preset. As shown in the following:

  

  

Use Charles's Repeat feature to simply test the concurrency of the server, by right-clicking and selecting Repeat Advanced. The number of measurements can be selected.

  

  

  

To modify the contents of a network request:

  

iOS security attack using Charles for network data capture

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
mcafee mobile security attack on wifi network phone number for social security office in lake charles louisiana data security tips for employees fiddler capture network traffic capture image using php kafka change data capture mcafee data center security suite for databases

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More