List of packet capture methods for mini programs

This blog records, as a simple reference, two packet capture methods that are often used during security testing.

1. Capture packets through Proxifier and BURP. Traffic model:

User -> mini program (local computer) -> Proxifier (forwarding) -> BURP

(1) First configure BURP. This step is relatively simple; here I configure it to listen on port 8081 on all IPs:

(2) Configure Proxifier

1. After starting Proxifier, first configure the proxy server

Profile - Proxy Servers, as follows:

After filling in the parameters, click "Check" to test connectivity to the proxy:

2. Find the name of the program to be captured

Here I want to capture the packets of the mini program: find its program in Task Manager and click "Open file location":

3. Configure proxy rules

Profile - Proxification Rules, as follows:

Under Applications, browse to the program location found in the previous step, select the proxy server just configured under Action, and confirm, as shown in the figure below:

4. Open the mini program through WeChat and check the packet capture

Proxifier shows the proxied traffic:

BURP shows the captured packets:

(3) Description

When I configured the proxy server and proxy rules in this way for the first time, I found that BURP could not catch the packet, and I didn’t know the reason. I configured it several times and found that it was OK.

2. Capture packets through Android emulator and BURP

Configure the emulator's Wi-Fi to connect through the BURP proxy, then run the mini program in the Android emulator. Traffic model:

User -> mini program (running in Android emulator) -> Android emulator network -> BURP

Here I am using the Nox (Night God) emulator.

(1) First configure BURP. This step is relatively simple; here I configure it to listen on port 8081 on all IPs:

(2) Configure the emulator proxy

1. Find the Wi-Fi network icon at the top of the emulator, select Modify Network, then Advanced Options, and enter the proxy configured in the previous step, as follows:

2. Download the BURP certificate: from the computer, visit http://192.168.2.6:8081, the IP and port of BURP.

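3. After downloading the cacert.der certificate, copy it to a Linux machine and convert it to PEM format.

4. View the hash identifier

5. Rename the PEM file to the hash identifier + .0, as follows:

6. Enable developer mode in the emulator. The path is Tools - Settings - About Tablet PC - Version Number; click the version number 5 times in succession:

7. "Developer options" now appears in the parent menu. Open it and turn on USB debugging mode, as follows:

9. On the local computer, find the emulator installation directory and locate nox_adb.exe. Put the previously renamed 9a5ba575.0 file in that directory, then connect to the emulator, elevate privileges, and install the certificate file, as follows:

10. Use the WeChat mini program in the emulator; the captured packets can then be viewed in BURP.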
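Steps 3 to 5 above as shell commands, an added example that is not from the original post. It assumes `openssl` is installed on the Linux machine; the function names `prepare_android_ca` and `verify_android_ca` are hypothetical helpers introduced here.

```shell
#!/bin/sh
# Added example (not from the original post). Assumes openssl is on PATH.

# Steps 3-5: convert the DER certificate exported by BURP to PEM and name it
# <hash>.0, the file name Android uses to look up system CA certificates.
# Usage: prepare_android_ca cacert.der [output_dir]; prints the resulting path.
prepare_android_ca() {
    ca_der="$1"
    ca_dir="${2:-.}"
    [ -f "$ca_der" ] || { echo "no such file: $ca_der" >&2; return 1; }
    # Step 3: DER -> PEM
    openssl x509 -inform DER -in "$ca_der" -out "$ca_dir/cacert.pem" || return 1
    # Step 4: Android indexes CA files by the legacy subject hash, so use
    # -subject_hash_old; -subject_hash gives a different value.
    ca_hash=$(openssl x509 -inform PEM -subject_hash_old -noout \
        -in "$ca_dir/cacert.pem") || return 1
    # Step 5: rename to <hash>.0
    mv "$ca_dir/cacert.pem" "$ca_dir/$ca_hash.0" || return 1
    echo "$ca_dir/$ca_hash.0"
}

# Check before step 9 that a file such as 9a5ba575.0 really carries the name
# derived from its own subject; returns 0 on match, non-zero otherwise.
verify_android_ca() {
    ca_file="$1"
    want=$(openssl x509 -inform PEM -subject_hash_old -noout \
        -in "$ca_file") || return 1
    [ "$(basename "$ca_file")" = "$want.0" ]
}

# Run the conversion only when a certificate path is given on the command line.
if [ -n "${1:-}" ]; then
    prepare_android_ca "$@"
fi
```

Remove the CA file from the emulator's system store once testing is finished, since any traffic signed by it is trusted there.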

Origin blog.csdn.net/m0_68353775/article/details/129473514