ios - HTTPS 嗅探/Charles SSL 在 Facebook 上不起作用
<p><p>Charles SSL 基本上适用于除 Facebook 之外的任何其他应用程序或网站。我已经在 iOS 设备上安装了所有证书,但是当仅嗅探 Facebook 时,当方法为 <code>CONNECT</code> 时,我总是得到状态 <code>Failed</code>。怎么了?</p></p>
<br><hr><h1><strong>Best Answer-推荐答案</ strong></h1><br>
<p><p>可能使用证书固定。</p>
<p>在此处对答案的评论中找到一些信息:</p>
<p> <a href="https://stackoverflow.com/questions/26396347/how-facebook-snapchat-or-gmail-ios-apps-prevent-fiddler-decrypting-their-https" rel="noreferrer noopener nofollow">How Facebook, SnapChat, or Gmail iOS apps prevent Fiddler decrypting their https traffic?</a> </p>
<p>摘自一篇解释得很好的现已删除的博客:</p>
<blockquote>
<p>Certificate Pinning is an extra layer of security that is used by applications to ensure that the certificate provided by the remote server is the one which is expected.</p>
<p>By including the remote server’s x509 certificate or public key within the application, it is possible to compare the locally stored certificate or key with the one provided by the remote server.</p>
</blockquote>
<p> <a href="http://resources.infosecinstitute.com/ios-application-security-part-36-bypassing-certificate-pinning-using-ssl-kill-switch/" rel="noreferrer noopener nofollow">Here is some info on how to bypass pinning on iOS</a> </p></p>
<p style="font-size: 20px;">关于ios - HTTPS 嗅探/Charles SSL 在 Facebook 上不起作用,我们在Stack Overflow上找到一个类似的问题:
<a href="https://stackoverflow.com/questions/40382897/" rel="noreferrer noopener nofollow" style="color: red;">
https://stackoverflow.com/questions/40382897/
</a>
</p>
页:
[1]