发表于 2023-10-27 22:59:08

一个能用的微信小程序抓包方式(亲测)

<p><span style="font-family: 微软雅黑;">今天接到复测微信小程序的任务,需要对微信小程序进行抓包,从上午到现在试了很多方式,分别为</span><span style="font-family: &amp;quot;">Burp+Proxifier、Burp+安卓模拟器、Charles+Burp,甚至尝试了Windows系统代{过}{滤}理+Burp,最后只有</span><span style="font-family: &amp;quot;">Charles+Burp成功抓取,其他的错误有机会再次尝试的时候再一一列举。</span><br /><span style="font-family: Microsoft Yahei, Hei, Tahoma, SimHei, sans-serif;">先说一下成功抓取的方式。</span><br /><span style="font-family: Microsoft Yahei, Hei, Tahoma, SimHei, sans-serif;">1.所需要的工具:</span><br /><span style="font-family: Microsoft Yahei, Hei, Tahoma, SimHei, sans-serif;">Charles-proxy-4.6.2-win64</span><br /><span style="font-family: Microsoft Yahei, Hei, Tahoma, SimHei, sans-serif;">BurpSuite2023</span><br /><span style="font-family: Microsoft Yahei, Hei, Tahoma, SimHei, sans-serif;">2.工具安装步骤</span><br /><span style="font-family: Microsoft Yahei, Hei, Tahoma, SimHei, sans-serif;">BurpSuite下载与安装自行在论坛搜索,</span><span style="font-family: &amp;quot;">Charles-proxy直接next即可。</span><br /><span style="font-family: &amp;quot;">3.工具配置</span><br /><span style="font-family: &amp;quot;">首先介绍Charles-proxy的配置,打开</span><span style="font-family: &amp;quot;">Charles-proxy后,依次进行以下步骤:</span><br /><span style="font-family: &amp;quot;">证书安装:如下图</span></p>
<p><span style="font-family: &amp;quot;"></span></p>
<p><span style="font-family: &amp;quot;">在弹出的窗口中选择安装证书,然后点击下一步,在弹出的窗口里选择下图里面的选项</span></p>
<p><span style="font-family: &amp;quot;"></span></p>
<p><span style="font-family: &amp;quot;"><span style="font-size: medium;">后面一直点击,直至完成即可。</span><br /><span style="font-size: medium;">&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;</span><br /><span style="font-size: medium;">证书安装完成,接下来继续配置代{过}{滤}理信息,点击proxy选项,选择下面图示内容:</span></span></p>
<p><span style="font-family: &amp;quot;"><span style="font-size: medium;"></span></span></p>
<p><span style="font-family: &amp;quot;"><span style="font-size: medium;">按照下图内容进行配置:</span></span></p>
<p><span style="font-family: &amp;quot;"><span style="font-size: medium;"></span></span></p>
<p><span style="font-family: &amp;quot;"><span style="font-size: medium;">8888端口是默认端口,配置完成后点击ok即可。 接下来点击SSL Proxying Settings:</span></span></p>
<p><span style="font-family: &amp;quot;"><span style="font-size: medium;"></span></span></p>
<p><span style="font-family: &amp;quot;"><span style="font-size: medium;">打开后,按照下图配置(注意两个写*的位置)</span></span></p>
<p><span style="font-family: &amp;quot;"><span style="font-size: medium;"></span></span></p>
<p><span style="font-family: &amp;quot;"><span style="font-size: medium;">写上*是代表抓取任意端口和域名,如果只抓取固定的端口or域名可自行设置。 </span></span></p>
<p><span style="font-family: &amp;quot;"><span style="font-size: medium;">接下来配置将数据包代{过}{滤}理到BurpSuite的代{过}{滤}理选项: </span></span></p>
<p><span style="font-family: &amp;quot;"><span style="font-size: medium;">选择下图选项:</span></span></p>
<p><span style="font-family: &amp;quot;"><span style="font-size: medium;"></span></span></p>
<p><span style="font-family: &amp;quot;"><span style="font-size: medium;">按照下图配置</span></span></p>
<p><span style="font-family: &amp;quot;"><span style="font-size: medium;"></span></span></p>
<p><span style="font-family: &amp;quot;"><span style="font-size: medium;"><span style="font-family: Microsoft Yahei, Hei, Tahoma, SimHei, sans-serif;">注意,Web Proxy(HTTP)和Secure Web Peoxy(HTTPS)都需要填写127.0.0.1以及端口(这里填的都是8091),这和后续配置BurpSuite代{过}{滤}理的端口一致。</span><br /><span style="font-family: Microsoft Yahei, Hei, Tahoma, SimHei, sans-serif;">配置完成点击ok即可。</span><br /><span style="font-family: Microsoft Yahei, Hei, Tahoma, SimHei, sans-serif;">&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;</span><br /><span style="font-family: Microsoft Yahei, Hei, Tahoma, SimHei, sans-serif;">下面配置BurpSuite,与之相比较简单,打开BurpSuite代{过}{滤}理配置选项:</span><br /><span style="font-family: Microsoft Yahei, Hei, Tahoma, SimHei, sans-serif;">配置刚刚我们绑定的端口</span></span></span></p>
<p><span style="font-family: &amp;quot;"><span style="font-size: medium;"><span style="font-family: Microsoft Yahei, Hei, Tahoma, SimHei, sans-serif;"></span></span></span></p>
<p><span style="font-family: &amp;quot;"><span style="font-size: medium;"><span style="font-family: Microsoft Yahei, Hei, Tahoma, SimHei, sans-serif;">大功告成。<br />&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;<br />下面是一些配置成功后,抓取的记录</span></span></span></p>
<p><span style="font-family: &amp;quot;"><span style="font-size: medium;"><span style="font-family: Microsoft Yahei, Hei, Tahoma, SimHei, sans-serif;"></span></span></span></p>
<p><span style="font-family: &amp;quot;"><span style="font-size: medium;"><span style="font-family: Microsoft Yahei, Hei, Tahoma, SimHei, sans-serif;">链接: <span style="color: #e03e2d;"><a style="color: #e03e2d;" href="https://pan.baidu.com/s/1FT8knsJ_Ui5q9qcftyRIsQ?pwd=ci7u" target="_blank" rel="noopener">https://pan.baidu.com/s/1FT8knsJ_Ui5q9qcftyRIsQ?pwd=ci7u</a></span> 提取码: ci7u</span></span></span></p>
页: [1]
查看完整版本: 一个能用的微信小程序抓包方式(亲测)