Table of contents
3 Configuration steps of different packet capture software
1 Capture software
Since it is a mobile phone emulator, you can use adb to enter the command line, which is more convenient. The packet capture software on the mobile phone has HTTPCanary, and the mobile phone proxy needs to be configured on the computer, using Fiddler, BurpSuite, etc.
2. Grab the HTTPS package
Most of this function needs to be realized by installing the root certificate of the packet capture software. Sometimes it is not easy to install the root certificate on the mobile phone simulator. You can only use adb to directly copy the exported certificate to the /system/etc/security/cacerts directory of the mobile phone.
Prepare the certificate first, put it in the phone directory, and then use adb to connect (generally there will be adb in the simulator installation directory, if not, open the remote adb connection of the simulator and use the adb downloaded by yourself).
First open cmd in the adb directory, use the adb.exe shell, and enter the shell.
Make the mount readable, enter the mount -o rw command, then press Control-C to exit the shell, and use the adb.exe remount command to remount .
Enter the terminal again with the adb.exe shell, and use the mv command to copy the file to the directory mentioned above, such as mv /system/cert.0 /system/etc/security/cacerts.
3 Configuration steps of different packet capture software
Take Fiddler and HttpCanary as an example.
Since HttpCanary is directly installed on the emulator and has automatically configured VPN, it only needs to install an additional root certificate to capture packets.
Fiddler is installed on the computer, so an additional proxy needs to be configured in the emulator. The proxy address is the port number in the computer intranet ip+Fiddler settings (check it in Tools->Options->Connections). The method of configuring the agent for the mobile phone emulator is the same as the way of configuring the agent for the general mobile phone.
4. Proxy
If you want to use Fiddler to capture packets, you need to use a proxy to take the traffic out of the emulator. Sometimes the self-configured proxy does not take effect, you need to use special software to hang the proxy. Many people originally recommended ProxyDroid, but I couldn’t download it without a ladder, so I replaced it with ProxyToggle.
Download ProxyToggle (a sh script will be attached), then install it on the emulator, start it, and it shows that an additional script needs to be run to make the proxy effective:
There is no need for a script here (because it is just a command, and the adb path needs to be in the PATH), just put the APK in the adb file path, and then run cmd: .\ adb.exe install -t -r -g proxy- toggle.apk is fine.
However, some emulators are not directly on the same intranet as the host. The thunderbolt emulator ifconfig used by the author shows the local address as 172.17.1.15, and the relative local ip is not 172.17.2.2 as mentioned on the Internet but 172.17.1.2 . For Yeshen, you need to install an additional driver, and then turn on the bridge mode. After restarting, click on the WLAN to query the IP address, which is the local address.