无法使用 Android 在 Charles Proxy 中查看 HTTPS 请求
[英]Unable to view HTTPS requests in Charles Proxy with Android
问题描述
I am trying to debug an app on the Google Playstore so that I can see the requests that it is sending out.
我正在尝试在 Google Playstore 上调试一个应用程序,以便我可以看到它发出的请求。 I've set up Charles Proxy on my computer to help me do so, but I am having issues with viewing requests sent out with https.我已经在我的计算机上设置了Charles Proxy来帮助我这样做,但是我在查看使用 https 发送的请求时遇到了问题。 My steps are listed below.我的步骤如下。
My Computer:我的电脑:
Manjaro Linux Manjaro Linux
My Phone:我的手机:
Google Pixel 4a谷歌像素 4a
Android 11 Android 11
Not rooted未扎根
My Settings:我的设置:
Using Charles v4.6.1使用查尔斯 v4.6.1
Proxy Settings代理设置
SSL Proxying Settings SSL 代理设置
My Access Control Setting's contain my phone's IP.我的访问控制设置包含我手机的 IP。
My Phone Settings:我的手机设置:
Proxy Settings代理设置
Certificate证书
Here are my steps to allow the app use SSL through charles:以下是我允许应用通过 charles 使用 SSL 的步骤:
- Download the app from the Google Playstore.从 Google Playstore 下载应用程序。
- Find the apk and transfer it to my PC, and then uninstall the app through the Google Playstore.找到apk并将其传输到我的PC,然后通过Google Playstore卸载该应用程序。
- Decompile the apk using Apktool from XDA Forums.使用 XDA 论坛的 Apktool 反编译 apk。
- According to this and this , I need add the following lines below inside
<network-security-config>inside the network security xml.根据this和this ,我需要在网络安全 xml 内的<network-security-config>内添加以下行。
<debug-overrides>
<trust-anchors>
<certificates src="user"/>
</trust-anchors>
</debug-overrides>
- The AndroidManifest.xml already follows the required changes, so I don't make any changes there. AndroidManifest.xml 已经遵循了所需的更改,因此我不在那里进行任何更改。
- I compile the decompiled contents into an apk.我将反编译的内容编译成一个apk。
- I sign the built apk with Uber Apk Signer.我使用 Uber Apk Signer 对构建的 apk 进行签名。
- I transfer the built and signed apk to my phone, and install it.我将构建和签名的 apk 传输到我的手机,然后安装它。
I do not get any errors at any step though this list.通过此列表,我在任何步骤都没有收到任何错误。
Here is a screenshot of my view in Charles .这是我在 Charles 中的视图的屏幕截图。
Thank you in advance, and please let me know if you need any more details.提前谢谢您,如果您需要更多详细信息,请告诉我。
1 个解决方案
解决方案1
1 已采纳 2021-01-29 10:56:34
Your network config there is within <debug-overrides> , which only applies for debug builds.您的网络配置在<debug-overrides>中,仅适用于调试版本。 Did you build the application in debug mode, or for production?您是在调试模式下构建应用程序,还是在生产环境中构建应用程序? If you don't build in debug mode then that config won't apply.如果您不在调试模式下构建,则该配置将不适用。
You probably want to use <base-config> instead, which applies to all builds, not just debug builds.您可能想改用<base-config> ,它适用于所有构建,而不仅仅是调试构建。 There's a full example here: https://httptoolkit.tech/docs/guides/android/#if-you-dont-have-a-custom-network-security-config .这里有一个完整的例子: https://httptoolkit.tech/docs/guides/android/#if-you-dont-have-a-custom-network-security-config 。
If that doesn't work, then it's likely that there's some certificate pinning in place in the application code itself, independent of the network security settings.如果这不起作用,那么很可能在应用程序代码本身中存在一些证书固定,与网络安全设置无关。 To fix that you'll need to manually edit the code itself.要解决这个问题,您需要手动编辑代码本身。 You can also try using https://github.com/shroudedcode/apk-mitm which has a selection of automated patches that disable many common manual pinning implementations for you.您还可以尝试使用https://github.com/shroudedcode/apk-mitm ,它有一系列自动补丁可以为您禁用许多常见的手动固定实现。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.