Xposed implementation of packet capture for a certain treasure app
Use Charles
After operating the app, I found that scattered data packets could be captured when I first opened the app, but subsequent operations could not capture them normally.
Analyze client code
By opening the APK with JEB and analyzing it, we learned that the core communication package is located under mtopsdk.mtop. After analyzing its code, we came to the conclusion that the fundamental reason why ordinary packet capture tools such as Charles and Fiddler cannot capture the corresponding packets is that the app uses the SPDY protocol. Therefore, the app needs to be prevented from using the SPDY protocol.
Specific code
Just turn off the SPDY option:
    public boolean isGlobalSpdySwitchOpen() {
        IpChange ipChange = $ipChange;
        if (ipChange == null || !(ipChange instanceof IpChange)) {
            // Normal path: SPDY is used only when both the local and the remote config enable it.
            return localConfig.enableSpdy && remoteConfig.enableSpdy;
        } else {
            // A replacement implementation is installed in $ipChange: dispatch to it.
            return ((Boolean) ipChange.ipc$dispatch("isGlobalSpdySwitchOpen.()Z", new Object[]{this})).booleanValue();
        }
    }
How to write the Xposed plug-in:
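One way to write the hook for the method shown above (an added example, not the original post's plug-in code): it replaces isGlobalSpdySwitchOpen() so that it always returns false, which skips both the config check and the $ipChange dispatch branch. TARGET_PACKAGE and SWITCH_CLASS are placeholders, since the page names only the mtopsdk.mtop package, and the module package and class name SpdySwitchOff are hypothetical.

```java
package com.example.spdyoff; // hypothetical module package

import de.robv.android.xposed.IXposedHookLoadPackage;
import de.robv.android.xposed.XC_MethodReplacement;
import de.robv.android.xposed.XposedBridge;
import de.robv.android.xposed.XposedHelpers;
import de.robv.android.xposed.callbacks.XC_LoadPackage.LoadPackageParam;

public class SpdySwitchOff implements IXposedHookLoadPackage {

    // Placeholder: package name of the app under analysis.
    private static final String TARGET_PACKAGE = "com.example.targetapp";

    // Placeholder: fully qualified name of the class under mtopsdk.mtop that
    // declares isGlobalSpdySwitchOpen(), as shown by the decompiler.
    private static final String SWITCH_CLASS = "mtopsdk.mtop.PLACEHOLDER_SwitchClass";

    @Override
    public void handleLoadPackage(LoadPackageParam lpparam) throws Throwable {
        // handleLoadPackage fires for every app; act only on the target.
        if (!TARGET_PACKAGE.equals(lpparam.packageName)) {
            return;
        }
        try {
            // The method takes no parameters, so the only trailing argument
            // is the callback. returnConstant(false) replaces the whole
            // method body: neither localConfig/remoteConfig nor the
            // $ipChange dispatch is consulted any more.
            XposedHelpers.findAndHookMethod(
                    SWITCH_CLASS,
                    lpparam.classLoader,
                    "isGlobalSpdySwitchOpen",
                    XC_MethodReplacement.returnConstant(false));
            XposedBridge.log("SpdySwitchOff: hooked isGlobalSpdySwitchOpen in "
                    + lpparam.packageName);
        } catch (XposedHelpers.ClassNotFoundError | NoSuchMethodError e) {
            // The class or method name differs in this app version; log it
            // instead of failing silently with SPDY still enabled.
            XposedBridge.log("SpdySwitchOff: hook target not found: " + e);
        }
    }
}
```

The module also needs an assets/xposed_init file containing the line com.example.spdyoff.SpdySwitchOff and the xposedmodule meta-data entry in AndroidManifest.xml before the framework will load it.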