IOS security-network packet analysis tool Charles

IOS security-network packet analysis tool Charles

I wrote an article earlier:

IOS development-image search (source code + resolution)

 

Many of my friends are curious about how I got Baidu's image search API, which is actually very simple. The network packet analysis tool "Charles" can be easily implemented.

To obtain the image search API, you only need to perform the following three steps:

1. Open Charles

2. Simulate Image Recognition and send requests

3. Analyze the request

 

I 'd like to introduce this tool myself, but I won't be able to make an axe when I see a related article by Tang Qiao. See his introduction here.

 

 

 

 

Introduction

 

 

Charles is a common tool used to intercept network packets on Mac. During iOS development, we often need to intercept network packets for analysis to debug network communication protocols with servers. Charles sets himself as the system's network access proxy server so that all network access requests can be completed through it, thus realizing the interception and analysis of network packets.

 

 

Charles's main functions include:

1. Supports SSL Proxy. It can intercept requests for analyzing SSL.

2. Supports traffic control. It can simulate slow network and long wait time (latency) requests.

3. Supports AJAX debugging. Json or xml data can be automatically formatted for easy viewing.

4. Supports AMF debugging. You can format Flash Remoting or Flex Remoting information for ease of viewing.

5. Supports resending network requests to facilitate backend debugging.

6. Network request parameters can be modified.

7. Supports interception and Dynamic Modification of network requests.

8. Check whether HTML, CSS, and RSS content comply with W3C standards.

    

   Install Charles

   Go to Charles's official website (www.bkjia.com) to download the latest version of the Charles installation package. It is a file with a dmg suffix. Drag Charles to the Application directory to complete the installation.

    

   Install an SSL Certificate

   If you want to intercept and analyze the content related to the SSL protocol. Then you need to install Charles's CA certificate. The procedure is as follows:

   1. Download the CA certificate file in the http://www.charlesproxy.com/ssl.zip.

   2. Decompress the zip file and double-click the. crt file. In this case, select "always trust" in the pop-up menu, as shown below:

   3. Access the key string to view the added certificate. As follows:

      Set Charles as a system proxy

      As mentioned earlier, Charles intercepts packets by setting itself as a proxy server. Therefore, Charles's first step is to set it as the proxy server of the system.

      After Charles is started, Charles will request you to set system proxy permissions for it for the first time. You can enter a logon password to grant Charles the permission. You can also ignore this request, and then select "Proxy"-> "Mac OS X Proxy" in the menu to set Charles as the system Proxy when setting Charles as the system Proxy. As follows:

      Then, you can see a steady stream of network requests appear on Charles's interface.

      Introduction to the Charles Main Interface

      Charles provides two views for viewing packets: "Structure" and "Sequence ".

      1. The Structure view classifies network requests by the accessed domain name.

      2. The Sequence view sorts network requests by access time.

         You can switch back and forth between the two views as needed.

         For a specific network request, you can view its detailed request content and response content. If the response content is in JSON format, Charles can help you format the JSON content for your convenience.

         Filter network requests

         Generally, we need to filter network requests and only monitor requests sent to the specified directory server. There are two solutions to this need.

         1. Enter the keywords to be filtered out in the Filter column in the middle of the main interface. For example, the address of our server is: http://yuantiku.com, you just need to fill in yuantiku in the Filter column.

         2. On the Charles menu bar, choose "Proxy"-> "Recording Settings", select the Include column, select Add a project, and enter the protocol, host address, and port number to be monitored. In this way, only the packets of the target website can be intercepted. As shown in:

            In general, we use method 1 for some temporary packet filtering, and method 2 for some regular packet filtering.

            Intercept Network packets on the iPhone

            Charles is usually used to intercept local network packets, but we can also intercept network requests from other devices when necessary. Next I will take the iPhone as an example to explain how to perform the corresponding operations.

            Settings on Charles

            To intercept network requests on the iPhone, we must first enable Charles's proxy function. On the Charles menu bar, select "Proxy"-> "Proxy Settings", fill in the Proxy port 8888, and check "Enable transparent HTTP proxying" to complete the Settings on Charles. As shown in:

            Settings on iPhone

            First, we need to obtain the IP address of the computer where Charles runs, open Terminal, and enterifconfig en0To obtain the IP address of the computer, as shown in:

            On the iPhone's "Settings"> "Wireless LAN", you can see the wifi name of the current connection. Click the details key on the right to view the details of the wifi on the current connection, includes IP addresses, subnet masks, and other information. There is an "HTTP proxy" item at the bottom. We will switch it to manual, and then fill in the IP address of the computer where Charles runs, and the port number 8888, as shown in:

            After the settings are complete, open any program on the iPhone that requires network communication, and you will see Charles pop-up confirmation menu for iPhone request connection (as shown in). Click "Allow" to complete the settings.

            Intercept SSL information

            Charles does not intercept SSL information by default. If you want to intercept all SSL network requests on a website, right-click the request and select SSL proxy, as shown in:

            In this way, all SSL requests to the Host can be intercepted.

            Simulate slow network

            During iPhone development, we often need to simulate a slow network or a high-latency network to test whether the application works normally on a mobile network. Charles provides good support for this demand.

            On the Charles menu, select "Proxy"-> "Throttle Setting". In the displayed dialog box, select "Enable Throttling ", you can also set the Throttle Preset type. As shown in:

            If you Only want to simulate the slow network of the specified website, you can check the "Only for selected hosts" option and add the specified hosts item in the lower half of the dialog box.

            Modify network request content

            Sometimes, to debug server interfaces, We need to repeatedly try network requests with different parameters. Charles can easily modify and resend network requests. You can create an editable network request by right-clicking previous network requests and selecting "Edit. As follows:

            You can modify any information about the request, including the url, port, and parameters. Then, click "Execute" to send the modified network request, as shown in ). Charles allows us to modify and send this request multiple times, which is very convenient for us and the server-side debugging interface.

            Summary

            With the Charles software, we can easily intercept and debug network request content in daily development, analyze the packet protocol and simulate a slow network. Using Charles can greatly facilitate the development and debugging of apps with network requests.