20211214 更新 - 证书信任设置(今天抓包忘记配置这个,导致忙活半天)
burpsuite配置
(配置同wifi的IP加端口)
![](https://image.shishitao.com:8440/aHR0cHM6Ly9pbWcyMDE4LmNuYmxvZ3MuY29tL2Jsb2cvMTM5MjE5Mi8yMDIwMDIvMTM5MjE5Mi0yMDIwMDIxODIyNTA1NDQxOC0xNDg4OTgxNTc5LnBuZw%3D%3D.png?w=700&webp=1)
导出导入https证书
证书有两种方式安装
一种是burpsuite导出,再导入到手机
![](https://image.shishitao.com:8440/aHR0cHM6Ly9pbWcyMDE4LmNuYmxvZ3MuY29tL2Jsb2cvMTM5MjE5Mi8yMDIwMDIvMTM5MjE5Mi0yMDIwMDIxODIyNTQ1NzgzNS01MjA3Mjc2Ni5wbmc%3D.png?w=700&webp=1)
另一种是手机访问http://192.168.0.104:8888/
下载证书
![](https://image.shishitao.com:8440/aHR0cHM6Ly9pbWcyMDIwLmNuYmxvZ3MuY29tL2Jsb2cvMTM5MjE5Mi8yMDIwMDgvMTM5MjE5Mi0yMDIwMDgxMTEzMzcwMTgzNS0zNTAzNTQ1OTQucG5n.png?w=700&webp=1)
iphone证书安装是der
格式,android证书安装是 cer
格式(安卓识别不了der
格式证书)
iPhone 配置
证书需要在 Safari 浏览器中下载,打开网址 http://burp ,下载证书。
![](https://image.shishitao.com:8440/aHR0cHM6Ly9pbWcyMDIwLmNuYmxvZ3MuY29tL2Jsb2cvMTM5MjE5Mi8yMDIxMTIvMTM5MjE5Mi0yMDIxMTIxNDIwNDAxODk3OS01NDQxNDk2OTcucG5n.png?w=700&webp=1)
在 设置 -- 通用 -- VPN与设备管理 -- 描述文件与设备管理
就会看到 下载的证书
![](https://image.shishitao.com:8440/aHR0cHM6Ly9pbWcyMDE4LmNuYmxvZ3MuY29tL2Jsb2cvMTM5MjE5Mi8yMDIwMDIvMTM5MjE5Mi0yMDIwMDIyNDE1MjkzODYwMC0xNTY3MTUxNy5wbmc%3D.png?w=700&webp=1)
点击 PortSwigger CA 右上角 安装 - 输入手机密码 - 安装
然后在设置 -- 通用 -- 关于本机 -- 证书信任设置
中信任证书
![](https://image.shishitao.com:8440/aHR0cHM6Ly9pbWcyMDIwLmNuYmxvZ3MuY29tL2Jsb2cvMTM5MjE5Mi8yMDIxMTIvMTM5MjE5Mi0yMDIxMTIxNDIwMzczMTAyMS0xODY5Njc2MTAzLnBuZw%3D%3D.png?w=700&webp=1)
Android 配置
WLAN - 代理 - 无 改为手动
主机名:电脑端的IP
端口:电脑端的IP对应抓包的端口
导入证书
设置--安全--从SD卡安装证书
找到cer文件,进行安装
凭据用途
选择WLAN
![](https://image.shishitao.com:8440/aHR0cHM6Ly9pbWcyMDIwLmNuYmxvZ3MuY29tL2Jsb2cvMTM5MjE5Mi8yMDIwMDgvMTM5MjE5Mi0yMDIwMDgxMTEzMzA1MjEzMS01OTQ2NDMzMDUucG5n.png?w=700&webp=1)
最后
电脑端抓包
![](https://image.shishitao.com:8440/aHR0cHM6Ly9pbWcyMDE4LmNuYmxvZ3MuY29tL2Jsb2cvMTM5MjE5Mi8yMDIwMDIvMTM5MjE5Mi0yMDIwMDIyNDE1MzExMTE3NC03Njk3ODM0NzAucG5n.png?w=700&webp=1)
完