haopengzhan/CoderSherlock.github.io
1
0
Fork 0
mirror of https://github.com/CoderSherlock/CoderSherlock.github.io.git synced 2026-06-13 08:08:10 -07:00
Code Issues Packages Projects Releases Wiki Activity
Files
6ab8e862632529117f3170564eb7c84149b45440
CoderSherlock.github.io/_site/archivers/charles-is-not-a-good-tool.html
T
haopengzhan 6ab8e86263 Add disqus
2018-08-29 16:34:29 -04:00

176 lines
5.9 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Using charles proxy to monitor mobile SSL traffics « Stop Talking, Start Doing - 停止空想,开始行动</title>
<meta name="description" content="In this blog, I will generally talk about how to use proper tools to monitor SSL traffics of a mobile devices. Currently, I only can dealing with those SSL t...">
<link rel="stylesheet" href="/css/main.css">
<link rel="canonical" href="https://codersherlock.github.com//archivers/charles-is-not-a-good-tool">
<link rel="alternate" type="application/rss+xml" title="Stop Talking, Start Doing - 停止空想,开始行动" href="https://codersherlock.github.com//feed.xml" />
<script>
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,'script','https://www.google-analytics.com/analytics.js','ga');
ga('create', 'UA-82637164-1', 'auto');
ga('send', 'pageview');
</script>
<script async src="//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js"></script>
<script>
(adsbygoogle = window.adsbygoogle || []).push({
google_ad_client: "ca-pub-6651321038908478",
enable_page_level_ads: true
});
</script>
</head>
<body>
<header class="header">
<div class="wrapper">
<a class="site-title" href="/">Stop Talking, Start Doing - 停止空想,开始行动</a>
<nav class="site-nav">
<a class="page-link" href="/about/">About</a>
<a class="page-link" href="/category/">Category</a>
</nav>
</div>
</header>
<div class="page-content">
<div class="wrapper">
<div class="col-main">
<div class="post">
<header class="post-header">
<h1 class="post-title">Using charles proxy to monitor mobile SSL traffics</h1>
<p class="post-meta">Oct 27, 2016</p>
</header>
<article class="post-content">
<p>In this blog, I will generally talk about how to use proper tools to monitor SSL traffics of a mobile devices. Currently, I only can dealing with those SSL traffics which use an obviously certification. Some applications may not using system root cert or they doesnt provide us a method to modify their own certs. For these situation, I still didnt find a good solutions for it. But Ill keep updating this if I get one.<br />
My current solution is using AP to forward all SSL traffic to a proxy, <a href="https://www.charlesproxy.com/">charles proxy</a> is my first choice (Prof asked). Its a non-free software which still update new versions now. So mainly, Ill talk about how to charles SSL proxy.</p>
<h3 id="preparations">Preparations</h3>
<ul>
<li>Monitor device situation: Linux Machine with wireless adapter</li>
<li>Download the newest version(4.0.1) of charles</li>
<li>Target android devices with root privilege</li>
</ul>
<h3 id="install-charles-and-configuration">Install Charles and Configuration</h3>
<ul>
<li>You have to install charles first. After downloading the charles proxy, you have to unzip it and configure some basic settings.</li>
</ul>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="c"># open charles first</span>
./bin/charles
</code></pre></div></div>
<ul>
<li>Save charles private key and public key</li>
</ul>
<p>In Help -&gt; SSL Proxying -&gt; Export Charles Root Certificate and Private Key, enter a password and save the public and private key in *.p12 format.<br />
You also need to save charles Root Certificate, it also contains in the same menu. For convience, save it as *.pem format.</p>
<ul>
<li>Set Proxy and SSL Proxy</li>
</ul>
</article>
<div class="post-comments">
<div id="disqus_thread"></div>
<script type="text/javascript">
var disqus_shortname = 'codersherlockblog'; // required: replace example with your forum shortname
(function() {
var dsq = document.createElement('script'); dsq.type = 'text/javascript'; dsq.async = true;
dsq.src = '//' + disqus_shortname + '.disqus.com/embed.js';
(document.getElementsByTagName('head')[0] || document.getElementsByTagName('body')[0]).appendChild(dsq);
})();
</script>
</div>
</div>
</div>
<div class="col-second">
<div class="col-box col-box-author">
<img class="avatar" src="/static/avatar.jpg" alt="Pengzhan Hao - 碾子">
<div class="col-box-title name">Pengzhan Hao - 碾子</div>
<p></p>
<p class="contact">
<a href="https://github.com/codersherlock">GitHub</a>
<a href="https://twitter.com/haopengzhan">Twitter</a>
<a href="mailto:haopengzhan@gmail.com">Email</a>
</p>
</div>
<div class="col-box">
<div class="col-box-title">Newest Posts</div>
<ul class="post-list">
<li><a class="post-link" href="/archivers/intro-xv6">Xv6 introduction</a></li>
<li><a class="post-link" href="/archivers/some-of-my-previews-exper-work">Some of my previews experiment works: 2016</a></li>
<li><a class="post-link" href="/archivers/charles-is-not-a-good-tool">Using charles proxy to monitor mobile SSL traffics</a></li>
<li><a class="post-link" href="/archivers/hello">Stop Talking is the worst title of one blog</a></li>
</ul>
</div>
<div class="col-box post-toc hide">
<div class="col-box-title">TOC</div>
</div>
</div>
</div>
</div>
<footer class="footer">
<div class="wrapper">
&copy; 2016 Pengzhan Hao - 碾子
</div>
</footer>
<script src="/js/easybook.js"></script>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink