iOS Packet Capture using Charles
Charles
It is a paid web debugging proxy application with a 30days trial period. Within the trial period, it will forcibly quit after every 30mins of use, though it can be used again after restarting.
Note: Be safe and don’t download the cracked version of this software.
Installation on macOS
The downloadable package can be obtained from the official website of Charles (https://www.charlesproxy.com/download/)
iPhone Proxy Configuration
Goto: Settings -> Wi-Fi -> [Select Wi-fi] -> Configure Proxy -> [Manual]
Manual Proxy requires Server Address and Port Number which can be obtained from Charles.
- Help Menu -> Local IP Address 2. Proxy Menu -> Proxy Settings
Once you are done with the proxy configuration, Charles will prompt a connection popup, click ‘Allow‘. Now you can see Charles capturing requests from the iPhone.
To capture the request sent from the iPhone, it is necessary to ensure that the iPhone and the PC are connected to the same local area network.
Capture HTTP request
After configuring the iPhone proxy, you can preview the HTTP request. As HTTPS request is encrypted, only garbled data can be previewed. To preview the plaintext of the HTTPS requests, Charles root certificates need to be installed on Mac and iPhone.
- Root certificate installation on a mac
Goto: Help Menu -> SSL Proxying -> Install Charles Root Certificate
The certificate can be viewed in Keychain. Double click the certificate and set ‘Always Trust’.
- Root certificate installation on iPhone
Goto: Help Menu -> SSL Proxying -> Install Charles Root Certificate on a Mobile Device or Remote Browser
After the certificate is installed and trusted, you need to enable the root certificate on the iPhone.
Goto: iPhone Settings -> About -> Certificate Trust Settings -> Enable Charles root certificate.
Now you can use Charles to capture the HTTPS request sent by the iPhone and preview the plaintext data.
Before that, you need to enable SSL proxying on the request.
Plaintext Preview of JSON body in Charles
Voila 🙌 🎉