A: The difference between HTTP and HTTPS
HTTP is the Hypertext Transfer Protocol, is used between the Web browser and the web server to transmit information, HTTP protocol to send the content in plain text, data encryption does not provide any way, so the HTTP protocol is not suitable for transmission of sensitive information, such as: credit card numbers, passwords and other payment information. To ensure the privacy of data transmission can be encrypted, so designed Netscape SSL for HTTP protocol data transmission is encrypted, thus born HTTPS.
The main difference between the two:
CA 1.https agreement needs to apply for a certificate, generally less free certificates, thus requiring a fee. Personal website, small sites do not need to use.
2.http is hypertext transfer protocol, information is transmitted in the clear, https is encrypted with security of SSL transfer protocol (https is not absolute security, hacker attacks, denial of service attacks, hijacking and other aspects of the server almost does not work, the most critical SSL certificate credit chain system is not safe, especially in certain countries can control the CA root certificate, the man in the middle attacks as you can).
3.http https and use a completely different connection, with the port are not the same, http is 80, https is 443.
4.https connection is very simple, stateless, https protocol is SSL + HTTP protocol may build encrypted transmission, network authentication protocol.
5.https connection cache as good as http efficient and will increase the cost and power consumption data, even with established safety practices and therefore will be affected.
6.https protocol handshake stage time-consuming.
Two: Charles PC side intercept HTTP and HTTPS request protocol (capture real)
Ethereal precautions:
Ethereal steps:
1.首选保证Charles开启,其它你想抓包的工具也开启,之后找到Charles的Proxy选项中的Start Recoding选项和Windows Proxy(mac电脑的是macOS Proxy),在进行测试的过程中发现不管我的win电脑勾选不勾选Windows Proxy,都可以抓取电脑上的包,经过跟几个搞测试的朋友交流,他们的都是正常的,所以少数服从多数,按不勾选Windows Proxy只能抓取手机上app的包,电脑上的包抓取不到。经过测试苹果电脑不勾选macOS Proxy的情况下是不能抓取电脑上的包的,勾选后就可以了。
2.用浏览器打开你想要截取的网址
3.对于HTTPS协议出现的中文乱码,Charles在电脑端安装charles ca证书,之后修改菜单项Proxy中Proxy Settings 和SSL Proxying Settings...选项,否则即使安装了charles ca证书依然不能正常显示
下图为win电脑安装charles ca证书
下图为苹果电脑安装charles ca证书
三:Charles 手机端(安卓,苹果机没有,以后补上)截取HTTP和HTTPS协议请求(包含手机端小程序抓包)
1.Charles想要抓取手机上的包,就要进行一些配置,首先查看Charles所在电脑的ip,两种方式可以
方式1:
方式2:
2.查看Charles的端口号,找到Proxy选项,选中Proxy Settings可以看到默认是:8888
3.手机打开同一局域网下最好同网段(有些是同一局域网但是不在同一个网段,比如我的win是台式的,插的网线,手机是连的公司一个路由器的wifi,结果就连不上抓不了包,无奈我就用了苹果电脑跟手机连同一个wifi,一下就连上去了),设置手动代理,输入电脑的ip和Charles的端口号。结束后不要忘记更改手机代理,否则手机无法正常上网。
4.安卓(vivoX6)手机端安装charles ca证书(前提条件是电脑端也要安装charles ca证书),首选根据charles中help选项中的提示,用手机浏览器(本人手机上选用的是uc浏览器),打开chls.pro/ssl (手机设置了charles代理,否则打开的网址提示错误)。下载后是pem文件,不能被我的手机识别安装,所以我就更改了后缀名.crt文件,安装后,由于不被信任,抓取的https协议的依然提示unknown,经过上网查找,问题没有解决。同事的小米华为手机都ok。
四:Charles HTTPS协议通用抓包配置规则
在上面我们讲到要想抓取某个https协议的内容,在SSL Proxy Settings选项里面添加某个https协议的网址和端口号即可,但是这样可能会有点麻烦,要想截取所有的https协议怎么办?看下图(手机端电脑端通用)
