Charles usage tutorial

background

Charles is an HTTP and SOCKS proxy server. Proxying requests and responses enables Charles to inspect and alter requests as they pass from client to server, and responses as they pass from server to client.

packet capture

PC-side packet capture

1. Select Proxy -> Mac OS X Proxy in the menu
2. Make sure that Charles is in the Start Recording state.

Mobile capture

1. The mobile phone and the computer are on the same network:
2. Turn off the firewall on the computer, open Charles' proxy: Proxy -> Proxy Settings pop-up window, fill in the proxy port (the default port is 8888, do not need to be modified), and check Enable transparent HTTP proxying.
Find the proxy in wifi, select manual, fill in the IP address, port 8888

HTTPS packet capture

Download and install the pc certificate:
Help -> SSL Proxying -> Install Charles Root Certificate
Method 1: Direct download

Method 2: If you can't download it, go to the official download

certificate trust

Download and install the mobile certificate:
Help -> SSL Proxying - Install Charles Root Certificate on a Mobile Device. Then the following prompt will pop up.

Mobile browser input: chls.pro/ssl

1. After downloading, open the phone settings - general - description file and device management, select the configuration description file, select trust, and see that it has been verified.
2. Finally, mobile phone settings - general - about mobile phone - certificate trust settings, select ON to use HTTPS to capture packets.

Note: The versions of the certificates of the mobile phone and computer need to correspond.
One of your mobile phones is an old version, but the computer is connected to a new version, so you have to download it again.

Why install a certificate

If it is an HTTP request, because the data itself is not encrypted, the content of the request and the returned result are displayed directly.
But HTTPS encrypts the data, so Charles faces the client, disguising himself as a server, and disguising himself as a client to the server.

• Charles intercepts the client's request, pretends to be the client and makes a request to the server, and the server returns the server's CA certificate to the "client" (actually Charles);
• Charles intercepts the server's response, obtains the public key of the server certificate, then makes a certificate by himself, replaces the server certificate and sends it to the client. (In this step, Charles got the public key of the server certificate);
• After the client receives the certificate of the "server" (actually Charles), it generates a symmetric key, encrypts it with Charles' public key, and sends it to the "server" (Charles);
• Charles intercepts the client's response, decrypts the symmetric key with his private key, encrypts it with the server certificate public key, and sends it to the server. (In this step, Charles got the symmetric key);
• The server decrypts the symmetric key with its own private key and sends a response to the "client" (Charles);
• Charles intercepts the server's response, replaces it with its own certificate, and sends it to the client;
• Of course, if the user does not choose to trust the CA certificate installed by Charles, Charles will not be able to obtain the request content. There is another way, if the client has built-in its own CA certificate, then if Charles sends his own certificate to the client, the client will find that it is inconsistent with the certificate in the program and will not pass, and Charles will not be able to obtain the information at this time. .

Basic Settings

Tool Navigation Bar
At the top of Charles is the menu navigation bar, and below the menu navigation bar is the tool navigation bar. The view is as shown below:

• Clear all captured requests
• A red dot status indicates that the request is being captured, and a gray status indicates that no requests are currently being captured.
• The gray state indicates that the network speed throttling is not enabled, and the green state indicates that the network speed throttling is enabled.
• The gray state indicates that the breakpoint is not enabled, and the red state indicates that the breakpoint is enabled.
• Edit and modify the request, click to modify the content of the request.
• Repeat sending the request, the selected request will be sent again after clicking.
• Validate the response of the selected request.
• Common functions, including common functions in the Tools menu.
• Common Settings, including common settings in the Proxy menu.

structure by domain name
There are too many sequences sorted by time, you can see the filter by Filter at the bottom of the toolbar

user's guidance

proxy

The Proxy menu contains the following functions:

• Start/Stop Recording: Start/stop recording session.
• Start/Stop Throttling: Start/stop throttling.
• Enable/Disable Breakpoints: Enable/disable breakpoint mode.
• Recording Settings: Recording session settings.
• Throttle Settings: Throttle settings.
• Breakpoint Settings: Breakpoint settings.
• Reverse Proxies Settings: Reverse proxy settings.
• Port Forwarding Settings: Port forwarding.
• Windows Proxy: Logs all requests on the computer.
• Proxy Settings: Proxy settings.
• SSL Proxying Settings: SSL proxy settings.
• Access Control Settings: Access control settings.
• External Proxy Settings: External proxy settings.
• Web Interface Settings: Web interface settings.

Recording Settings

Recording Settings has three tabs: Options, Include, and Exclude:

Options: Limit the size of recording data through Recording Size Limits. When Charles logs, the request, response headers, and response body are stored in memory, or written to a temporary file on disk. At times, the amount of data in memory may become too much, and Charles will notify you and stop recording. In this case, you should clear the Charles session to free up memory and start recording again. In the recording settings, you can limit the maximum size Charles will record; this won't affect your browsing at all, Charles will just stop recording.
Include: Only requests matching the configured address will be recorded.
Exclude: Only requests matching the configured address will not be recorded.

Or use Focus for quick filtering

Throttle Settings

Simulate weak network environment

Bandwidth: Bandwidth
Utilization: Utilization percentage
Round-trip: round-trip delay
MTU: bytes

Breakpoint Settings

Windows Proxy (logs all requests on the computer)

To capture requests from computers, check Windows Proxy. If you only need to capture requests from mobile terminals, uncheck this option.

Proxy Settings

Set proxy default port number
SSL Proxy Settings

Check Enable SSL proxying to complete the SSL proxy settings on Charles. After that, you can also select Add, and then fill in the Host and Port information to be monitored, so as to achieve the purpose of enabling SSL proxy for a domain name.

Tools

The Tools menu contains the following functions:

• No Caching Settings: Disable caching settings.
• Block Cookies Settings: Disable cookie settings.
• Map Remote Settings: Remote map settings.
• Map Local Settings: Local map settings.
• Rewrite Settings: Rewrite settings.
• Black List Settings: Black List Settings.
• White List Settings: White List Settings.
• DNS Spoofing Settings: DNS Spoofing Settings.
• Mirror Settings: Mirror settings.
• Auto Save Settings: Auto save settings.
• Client Process Settings: Client process settings.
• Compose: Edit and modify.
• Repeat: Repeat the packet.
• Repeat Advanced: Advanced repeat packets.
• Validate: Validate.
• Publish Gist: Publish Gist.
• Import/Export Settings: Import/Export settings.
• Profiles: Profiles.
• Publish Gist Settings: Publish Gist Settings.

Map mapping:

Map Remote Settings: Remote map settings.
Map Local Settings: Local map settings.
Charles' Map function is divided into Map Remote and Map Local. As the name suggests, Map Remote redirects the specified network request to another URL request address, and Map Local redirects the specified network request to a local file.

Map Remote Settings use:
Diagram, redirecting all requests from www.csc.com to www.www.csc.com

(Some more complex network requests), you can save the request structure to the local, and then use the Map Local Settings (local mapping) file.

Rewrite

The Rewrite function is suitable for performing some regular replacements on a certain type of network request to achieve the purpose of modifying the result.
The content of all elements of the interface can be rewritten: header, host, url, path, query param, response status, body.

Charles function summary

• Intercept Http and Https network packets.
• Supports resending network requests to facilitate back-end debugging.
• Support for modifying network request parameters.
• Support the interception and dynamic modification of network requests.
• Support for simulating slow networks.
• The Structure view categorizes network requests by the domain names accessed.
• The Sequence view sorts network requests by time of access.
• The map function is suitable for long-term redirection of some requests to another network address or local file.
• The Rewrite function is suitable for some regular replacement of network requests.
• The Breakpoints function is suitable for making some temporary changes.