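Normal packet capture workflow
Use Charles to install a user certificate on the phone, manually point the phone's Wi-Fi proxy at the computer's IP and port, then configure SSL proxying in Charles to capture traffic.
Reference: www.cnblogs.com/peng-lan/p/…
Packet capture does not work on Android 7.0 and above
Reference: johnnyshieh.me/posts/andro…
How should an app be configured if you do not want its traffic captured?
1. Following the Android version adaptation guidance, set the network security configuration to trust only system certificates.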
<base-config cleartextTrafficPermitted="false">
    <trust-anchors>
        <!-- Trust the CA certificates preinstalled on the system -->
        <certificates src="system" />
    </trust-anchors>
</base-config>
2. If traffic can still be captured, check the network framework's settings: has OkHttpClient been configured to ignore certificates?
try {
    // Insecure pattern to look for: this TrustManager accepts every certificate chain.
    final TrustManager[] trustAllCerts = new TrustManager[]{
        new X509TrustManager() {
            @Override
            public void checkClientTrusted(java.security.cert.X509Certificate[] chain, String authType) throws CertificateException {
            }

            @Override
            public void checkServerTrusted(java.security.cert.X509Certificate[] chain, String authType) throws CertificateException {
                // Empty body: the server chain is never validated.
            }

            @Override
            public java.security.cert.X509Certificate[] getAcceptedIssuers() {
                X509Certificate[] x509Certificates = new X509Certificate[0];
                return x509Certificates;
            }
        }
    };
    final SSLContext sslContext = SSLContext.getInstance("SSL");
    sslContext.init(null, trustAllCerts, new java.security.SecureRandom());
    final SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();
    OkHttpClient.Builder builder = new OkHttpClient().newBuilder();
    // Replaces the platform default trust with the trust-all factory above.
    builder = builder.sslSocketFactory(sslSocketFactory);
    // Also insecure: every hostname is accepted, whatever the certificate says.
    builder.hostnameVerifier(new HostnameVerifier() {
        @Override
        public boolean verify(String hostname, SSLSession session) {
            return true;
        }
    });
    return builder.build();
} catch (Exception e) {
    throw new RuntimeException(e);
}
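A static check for the two settings covered in steps 1 and 2, as an added example that is not part of the original post. It is a regex heuristic in Python; the rule names, the `scan` function and the sample snippets are constructed for illustration, and it flags `src="user"` anywhere in the config, including debug-only sections.

```python
import re

def strip_comments(src):
    """Blank out Java/XML comments, keeping newlines so line numbers stay valid."""
    keep_newlines = lambda m: "\n" * m.group().count("\n")
    src = re.sub(r"/\*.*?\*/|<!--.*?-->", keep_newlines, src, flags=re.S)
    return re.sub(r"(?<!:)//[^\n]*", "", src)  # (?<!:) leaves http:// URLs alone

RULES = [
    ("empty checkServerTrusted (accepts any chain)",
     re.compile(r"void\s+checkServerTrusted\s*\([^)]*\)[^{;]*\{\s*\}")),
    ("HostnameVerifier always returns true",
     re.compile(r"boolean\s+verify\s*\([^)]*\)\s*\{\s*return\s+true\s*;\s*\}"
                r"|hostnameVerifier\s*\(\s*\(\s*\w+\s*,\s*\w+\s*\)\s*->\s*true\s*\)")),
    ("network config trusts user-installed CAs",
     re.compile(r'<certificates\s[^>]*src\s*=\s*"user"')),
]

def scan(text):
    """Return sorted (line_number, rule_name) findings for one file's text."""
    clean = strip_comments(text)
    findings = []
    for name, pattern in RULES:
        for m in pattern.finditer(clean):
            findings.append((clean.count("\n", 0, m.start()) + 1, name))
    return sorted(findings)

# Constructed sample inputs (not taken from a real project).
SAMPLE_JAVA = '''\
new X509TrustManager() {
    @Override
    public void checkServerTrusted(X509Certificate[] chain, String authType)
            throws CertificateException {
        // trust everything
    }
};
builder.hostnameVerifier(new HostnameVerifier() {
    @Override
    public boolean verify(String hostname, SSLSession session) {
        return true;
    }
});
'''
SAMPLE_XML = '<trust-anchors>\n  <certificates src="system" />\n</trust-anchors>\n'

if __name__ == "__main__":
    for line, rule in scan(SAMPLE_JAVA) + scan(SAMPLE_XML):
        print(f"line {line}: {rule}")
```

Run `scan` over each `.java` and network security config file in the project and review every finding by hand, since a regex cannot tell a debug-only build variant from release code.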