How the agent works
The interaction between the browser, the WEB server, and the proxy tool
"proxy" can record, intercept, modify, send again, and discard the passing data packets.
Browser proxy settings
Steps (Firefox browser as an example):
Options-> Network Settings-> Manual Proxy
How to quickly switch the proxy:
Browser plug-in: Proxy Switcher (However, it costs money)
Similar plug-ins can be considered:
Proxy SwitchyOmega free
Proxy SwitchyOmega The same function as the manual proxy configuration HTTP, the port must be the same.
Commonly used proxy tools
Burpsuite , Clarles , Fiddler
Take Burpsuite as an example:
it is based on the Java environment, cross-platform, and powerful. In addition to proxy packet capture, there are also rich security testing functions.
First, set the listening port:
However, the problem is that it is not necessary to set the listening port to be consistent with the HTTP proxy. Burpsuite requires the installation of a certificate.
The source of the certificate
Method 1:
Open Burpsuite and HTTP manual proxy at the same time:
enter the URL address in Firefox browser: http: // burp, download the CA Certificate
Method 2:
Here is a method for exporting the certificate from Burpsuite Bring your own certificate:
At this time, the certificate will be exported to the main directory. If we have installed VMtools, we can directly copy from the main directory and paste it into the host (physical machine)
Install the certificate:
Open the certificate management of Firefox browser, and the
import is successful.
If bloggers want to see Burpsuite's proxy function, you can follow my blog, there will be a specific introduction.
Tips;
Maybe some bloggers have done all the above operations, but still can't capture packets, I also summarized the online method, you can give it a try.
- Some problems may be in the browser's HTTP proxy.
Type about: config in the browser URL bar for advanced preference,
and then find network.proxy.allow_hijacking_localhost Double-click to make the following false become true
(you can try it, but in my In the case of personal test, there is no need to make changes, but it is not easy to say the situation of different bloggers)
