Charles cracking method and crawl HTTP and HTTPS packets

Charles crack method:

1. Premise: charles java environment is required in order to run, you need to install the java environment can.
2. Download the latest charles: https: //www.charlesproxy.com/latest-release/download.do, download and install is complete.
3. Charles Online cracking tools: https://www.zzzmode.com/mytools/charles/ , this tool is used to generate file charles.jar break.
4. Charles mounting opening of bin path, such as C: \ Program Files \ Charles \ lib, the generated file charles.jar charles.jar replace the original file.
5. Restart charles, will not prompt 30-day trial, the case of withdrawal after half an hour.

HTTP:

HTTP: is the Internet's most widely used network protocol, a client and a server-side request and response standard (TCP), hypertext transfer protocol for transmission from the WWW server to the local browser, it can make browsing It is more efficient, so that network traffic is reduced.

HTTPS:

HTTPS: HTTP is safe for the target channel, simply, is a safe version of HTTP, HTTP added SSL layer, HTTPS security infrastructure is SSL, encryption and therefore the details will need to SSL.

The main role of the HTTPS protocol can be divided into two types: one is to establish a channel of information security, to ensure the security of data transmission; the other is to confirm the authenticity of the site.

HTTP and HTTPS difference:

1. http hypertext transfer protocol, information is transmitted in the clear, https is encrypted with a security ssl transfer protocol.
2. http and https use is completely different connections, with the port are not the same, the former is 80, which is 443.
3. Http connection is very simple, is stateless; is constructed by the HTTPS protocol SSL + HTTP encrypted transmission protocol, a network authentication protocol, the http protocol than security.
4. ca https protocol needs to apply for a certificate, generally less free certificates, thus requiring a fee.

Charles crawl HTTP package:

1. charles certificate is not installed, the default package type of information will be able to catch http URL.

Charles crawling HTTPS browser package:

1. Charles certificates installed on your computer: Click Help -> SSL Proxying -> Installing Charles Root Certificate, which will pop up a window, warning AC certificate is not trusted, select Install Certificate - "Next -" will put all certificates the following store - "Browse -" trusted root certification Authorities - "OK -" Next - "Finish. Then displays the import was successful.
2. SSL proxy settings: Proxy -> SSL Proxying Setting -> Enable SSL Proxying -> Add. Visit https port number is 443. Host pop-up form to fill in the domain name, such as fill api.instagram.com, Port fill 443.
3. Restart charles, add a browser to access the web site step, there will be a return to the correct package information.

Charles APP grab bag of HTTPS:

1. Premise: with charles capture, to turn off the firewall.
2. You first need to know the ip address of the computer, two methods, one ipconfig through the cmd window, the other is a help menu charles
3. 
4. Phone with charles connected to the same network segment, on the phone to enter the current wifi connection (and computers in a LAN), set an HTTP proxy server IP previous step to fill obtained, fill port 8888. In this case, charles already can grab phone http type APP package the information. Https continue to grab the fourth step.
5. Phone side install an SSL certificate: Open mobile phone browser, enter the address chls.pro/ssl download a certificate to be installed on your phone, download the .crt format
6. APP visit https type of test kits, by charles viewing package information.

Reference documents:

https://www.2cto.com/article/201406/310928.html

Fetch HTTPS request: Request: https: //www.cnblogs.com/ceshijiagoushi/p/6812493.html