Mac uses Charles to successfully connect to the mobile phone to capture packets! ! !

Operation guide

Operating environment:

• Computer system: Mac OS
• mobile phone system: iOS 12 and above/Android
• Charles version: V4.5.6

Step 1: Install Charles certificate to Mac

1. Start Charles, select Help-->SSL Proxying→Install Charles Root Certificate

2. At this time, the "Keychain Access" APP will be launched, and the newly installed certificate will be found. The name of the certificate: Charles Proxy CA. If you can't find it, you can search it in the search box.

3. Select the certificate and click to show introduction.

4. Change the certificate trust authority. Change to always trust, and close the window and enter the password to save.

5. Move and copy the certificate to the "system". The certificate on the computer side is now configured!

6. Set the HTTPS port to capture packets, click Charles-->Proxy-->SSL Proxying Settings, the following pop-up window appears, click "Enable SSL Proxying", click "Add"

7. Input according to the figure and click save. At this point, the computer configuration has been completed!

Step 2: Install the Charles certificate to the phone

premise:

1. First check the computer IP address, click Charles-->Help→Local IP Address

2. The mobile phone and the computer must be on the same Wi-Fi.

iPhone certificate installation:

1. iPhone, Wi-Fi setting proxy. Steps: Settings → WIFI --> click i next to Wi-Fi

2. Draw to the bottom and click Configure proxy

3. Configure the proxy, IP is your computer's IP, enter 8888 for the port, and click Save

4. Then open the Safari browser and visit: chls.pro/ssl. At this time, the connection prompt on the computer, click allow.

5. At this time, the phone will prompt to download the description file, click Allow

6. After saving, click Settings-->General→Description File to install the file just downloaded

7. After the installation is complete, click Settings --> General → About this machine, scroll down to the bottom, click Certificate Trust Settings, and turn on the Just Trust switch.

8. You're done, now you can happily grab HTTPS packets. And visit the company intranet.

Android certificate installation:

Take the Xiaomi mobile phone as an example.

1. Set up a Wi-Fi proxy. Settings→WI-FI→Proxy settings, IP is your computer’s IP, port input 8888, save

2. Use Chrome browser to visit "chls.pro/ssl" (Note: Chrome browser must be used, Android domestic browser will treat the certificate as a downloaded file and cannot be installed directly), at this time, the connection prompt on the computer, click allow allow.

3. Download the certificate and install it (you need to set the phone lock screen password in advance), see the figure below, enter the name, and click OK.

4. You're done! At this point you can happily grab HTTPS packets. And visit the company intranet.

Remark:

Some mobile apps do not allow packet capture. There are roughly two specific implementation principles:

1. The app framework can detect the proxy. If you are accessing through the proxy port, the connection will be refused.

2. The built-in HTTPS certificate of the mobile phone has done a double-end verification. If you are interested in specific principles, you can go to Google.