Charles でネットワークデバッギング

Transcript

1. Charles Ͱ ωοτϫʔΫσόοΪϯά 2018/09/01 13:30ʙ13:45 Track C iOSDC 2018 twitter.com/kumamo_tone

   qiita.com/kumamotone github.com/kumamotone

2. ࣗݾ঺հ • Kazumasa Kumamoto (۽ຊ ࿨ਖ਼) • iOS/AndroidΞϓϦΤϯδχΞˏϠϑʔ • ษڧձӡӦ

   • Twitter: @kumamo_tone
3. None

4. ͜ͷࢿྉ • Charles ͷ঺հ • ࢖͍͔ͨͱ࢖͍Ͳ͜Ζ • ର৅ऀ • CharlesΛ࢖͍ͬͯͳ͍ਓ

   • ΑΓྑ͍σόοάͷํ๏Λ
 ߟ͍͑ͨਓ

5. ͳͥ Charles Λ࢖͏ͷ͔ʁ

6. ͳͥ Charles Λ࢖͏ͷ͔ʁ WebAPI iOSΞϓϦ ௨৴Λߦ͏ҰൠతͳΞϓϦ

7. ෆ۩߹ͷݪҼ͸ͨ͘͞Μ͋Δ Ҿ༻: Introducing Charles for iOS, HUNTING THE NETWORKING FAULT@try!

   Swift Tokyo 2018 ϦΫΤετ͸
   ૹ৴͞Ε͍ͯΔ͔ʁ ਖ਼͍͠
   ϦΫΤετ͔ͩͬͨʁ αʔό͸
   Ԡ౴͍ͯ͠Δͷ͔ʁ ωοτϫʔΫ͸
   ௨͍ͯ͡Δ͔ʁ ΫϥΠΞϯτͷॲཧ͸
   ਖ਼͍͔͠ʁ Ϩεϙϯε͸
   ਖ਼͔ͬͨ͠ͷ͔ʁ

8. Ͳ͏΍ͬͯௐ΂Α͏ʁ • print / σόοΨͰ Breakpoint / LLDB ίϚϯυ •

   extension ΍ϥΠϒϥϦΛ༻ҙͯ͠ɺϩάΛు͘ Codable ͷϚοϐϯάʹࣦഊ͍ͯ͠Δ৔߹΍ɺ
 ϨεϙϯεϔομͳͲɺσόοΨͰ͸ͨͲΓ͖ͭʹ͍͘෦෼͸ʁ Ͳͷํ๏Ͱ΋Ͱ͖Δ͕ɺ৭ʑͳํ๏Λ஌ͬͯ
 ͍ΔͱɺॊೈʹରԠͰ͖Δέʔε͕૿͑ΔΜ͡Ό ౰ͨΓલͷ͜ͱΛ ݴ͏ത࢜ → XcodeΛ࢖Θͣʹௐ΂Δํ΋͋Δ

9. Ͳ͏΍ͬͯௐ΂Α͏ʁ • print / σόοΨͰ Breakpoint / LLDB ίϚϯυ •

   extension ΍ϥΠϒϥϦΛ༻ҙͯ͠ɺϩάΛు͘ Codable ͷϚοϐϯάʹࣦഊ͍ͯ͠Δ৔߹΍ɺ
 ϨεϙϯεϔομͳͲɺσόοΨͰ͸ͨͲΓ͖ͭʹ͍͘෦෼͸ʁ Ͳͷํ๏Ͱ΋Ͱ͖Δ͕ɺ৭ʑͳํ๏Λ஌ͬͯ
 ͍ΔͱɺॊೈʹରԠͰ͖Δέʔε͕૿͑ΔΜ͡Ό ౰ͨΓલͷ͜ͱΛ ݴ͏ത࢜ → XcodeΛ࢖Θͣʹௐ΂Δํ΋͋Δ

10. Charles Proxy

11. Charles ProxyͰͰ͖Δ͜ͱ • ௨৴ͷؒʹڬΉ͜ͱͰɺ಺༰Λݟ΍͘͢දࣔͯ͘͠ΕΔ ϦΫΤετͷ͸999Ͱɺ
    Ϩεϙϯε͸:::΍ͬͨͰ

12. ͨͩ͘͠σόοάͰ͖Ε͹ฏ࿨ʹͳΔ ֬ೝ͚ͨ͠Ͳ
    ΞϓϦͷϩδοΫ͸
    ਖ਼ͦ͠͏͔ͩΒ
    ΍ͬͺΓ"1*͕
    ͓͔͍͠ͱࢥ͏ Ϩεϙϯεϔομͷ
    999͕ෆ଍͍ͯ͠Δ
    ͔΋ͳͷͰɺ֬͝ೝ
    ͍͚ͨͩ·͔͢ʁ

    ˚ɹແ༻ͳ૪͍Λট͘ Մೳੑ͕͋Δ ˕ɹ͍ͭ͜…Ͱ͖Δοʂ

13. Charles ͷ঺հ

14. • ΫϩεϓϥοτϑΥʔϜ (mac OS / Windows / Linux) • HTTPϓϩΩγ

    • ༗ঈ (ࢼ༻൛͋Γ) Charles Web Debugging Proxy Charles ʹ
 ϦΫΤετ ୺຤ͷ୅ΘΓʹ
 Charles͕ϦΫΤετ ௨৴Λ
    $IBSMFT
    1SPYZ
    Λܦ༝ͤ͞Δ͜ͱͰɺ

    $IBSMFT
    Λ௨ͬͨ௨৴ͷ಺༰ΛӾཡͨ͠Γɺ
 ॻ͖׵͑ͨΓͰ͖Δ

15. • ϦΫΤετ/Ϩεϙϯεͷ಺༰ͷදࣔ • ϦΫΤετ/Ϩεϙϯεͷ಺༰ͷॻ׵͑ • γεςϜઃఆͷࣗಈઃఆ • SSL/HTTPSαϙʔτ • SSL

    pinning ͱ͍͏ٕज़Λ࢖͑͹౪ௌɺվ͟ΜΛ๷ࢭͰ͖·͢ ػೳ

16. SSL Pinning ͱ࣮૷ํ๏ʢউखʹએ఻ʣ

17. ػೳ • Throttle • 3GճઢͷγϛϡϨʔτ • Map Remote • ಛఆͷHost,

    Path, Query
 ʹରԠ͢ΔϦΫΤετΛɺ
 ผͷHost, Path, Queryʹసૹ͢Δ • DNS Spooling • DNS ͕ղܾ͢ΔIPΞυϨεΛมߋ • ηογϣϯͷอଘ/࠶ੜ(Auto Save Մ) • BlackList/WhiteList • ௨৴Λ௨͢/௨͞ͳ͍υϝΠϯΛࢦఆ • Port Forwarding • ผͷϙʔτΛࢦఆ • Protocol Buffers αϙʔτ • HTTP 2αϙʔτ

18. ͓΋͠Ζʢʁʣػೳ • Mirror • ϨεϙϯεΛϩʔΧϧʹอଘ • ൒खಈΫϩʔϦϯάʹศར • Flash •

    AMFαϙʔτ • Command-line Tools • ϔουϨεϞʔυ • Web Interface • http://control.charles/ Ͱ
 ઃఆͷΦϯΦϑͳͲͷૢ࡞͕Մೳ
 Ϩεϙϯε͕ݟΕΔΘ͚Ͱ͸ͳ͍

19. ͦͷ΄͔ͷબ୒ࢶ • mitmproxy • Charles ͱಉ͘͡
 Man-In-The-Middle ܕ ϓϩΩγ •

    Python ੡ OSS (brew/pipͰೖΔ) • CUI / Web ΠϯλϑΣʔε(β) • Python εΫϦϓςΟϯά API Charles ͷັྗ͸ɺݟ΍͢͞ɺ࢖͍΍͢͞

20. Charles for iOS • ݕূ୺຤ͷΈͰ௨৴಺༰ͷ֬ೝ͕Ͱ͖Δ • ࢖͍Ͳ͜Ζ • ݕূ୺຤ͱmacͷωοτϫʔΫ͕ҧ͏ •

    ΑΓखܰʹʢग़ઌͱ͔ʣ • ηογϣϯͷอଘ • Airdrop Ͱ mac ͱڞ༗ • Cellular ճઢͰͷσόοά

21. Πϯετʔϧɾઃఆํ๏ 1. Homebrew ͔ dmg ͔ΒΠϯετʔϧ (macOS ͷ৔߹) 2. Proxy

    > SSL Proxy Settings ͔Β༗ޮʹ͢ΔυϝΠϯΛઃఆ 3. ূ໌ॻΛΠϯετʔϧ 4. ূ໌ॻΛ৴པʢmacOS, iOS ͸ಛʹ 10.3ʙʣ • ৄ͘͠͸εϥΠυ຤ඌͷ෇࿥Λ͝ཡ͍ͩ͘͞

22. ࢖͍ํͱ࢖͍Ͳ͜Ζ

23. ࢖͍ํͱ࢖͍Ͳ͜Ζ • Case.1 ݪҼௐࠪ • ϦΫΤετͱϨεϙϯεΛ֬ೝͯ͠ղܾ • Case.2 ಈ࡞֬ೝ •

    ϦΫΤετͱϨεϙϯεΛॻ͖׵͑ͯղܾ

24. Case.1 ݪҼௐࠪ • ීஈͷσόοάͷͱ͖ 8FC
    "1*ͱͷ௨৴ͱɺ
    ͦͷલޙͷॲཧ͕
 ͏·͍͍ͬͯ͘ͳ͍ؾ͕͢Δ
    ͕ɺݪҼ͕Θ͔Βͳ͍ʜ Codable ͷϚοϐϯάҎલʹࣦഊ͍ͯ͠Δ৔߹΍ɺ


    σόοΨͰ͸ͨͲΓ͖ͭʹ͍͘෦෼Λݟ͍ͨͱ͖ʹ࢖͏ͱྑ͍

25. Case.1 ݪҼௐࠪ • ʮαʔόʔͷฦ٫஋͕දࣔ͞Ε͍ͯͳ͍ʯͱڭ͑ͯ΋Βͬͨͱ͖ ֬͝ೝ
    ͓ئ͍͠·͢ ֬ೝ͠·͢ ۓٸͷ৔߹Ͱ΋ɺྫྷ੩ʹ·ͣCharlesΛ։͖·͢

26. Case.1 ݪҼௐࠪ • ϦΫΤετ͸ૹΕ͍ͯΔ͔ʁ Filter ͰߜΓࠐΈ Focus ͰߜΓࠐΈ

27. Case.1 ݪҼௐࠪ • ϦΫΤετ͸ͨͩ͘͠ૹΒΕ͍ͯΔ͔ʁ • Overview • Ϩεϙϯείʔυ΍
 ௨৴ʹ͔͔ͬͨ࣌ؒͳͲ

28. Case.1 ݪҼௐࠪ • ϦΫΤετ͸ͨͩ͘͠ૹΒΕ͍ͯΔ͔ʁ • Contents -> Headers • ϔομ৘ใ

    • Contents -> Query String • ύϥϝʔλ

29. Case.1 ݪҼௐࠪ • ϦΫΤετ͸ͨͩ͘͠ૹΒΕ͍ͯΔ͔ʁ • ɹɹɹ Λબ୒͢Δͱ
 ϦΫΤετͷύϥϝʔλͳͲΛ
 ม͑ͯ࠶ϦΫΤετͰ͖Δ

30. Case.1 ݪҼௐࠪ • Ϩεϙϯεͷ಺༰͸૝ఆͱ߹͍ͬͯΔ͔ʁ • Contents -> JSON • JSON

    Λݟ΍͘͢දࣔ • Contents -> JSON Text • JSON Λ੔ܗͯ͠දࣔ

31. Case.2 ಈ࡞֬ೝ • ౤ߘ࣌ͷΤϥʔίʔυ౳ʹΑͬͯΤϥʔϝοηʔδΛมߋ͍ͨ͠ • ຤ඌͷηϧ͕޿ࠂͷ৔߹ͷΈ༨നௐ੔͍ͨ͠ ϞοΫΛ࡞ͬͨΓԾͷ஋ΛೖΕͯ΋͍͍͕ɺ
 ΞϓϦΛฤू͢Δ͜ͱͳ͘ɺ
 ϨεϙϯεΛࠩସ͑Δ͜ͱ΋Ͱ͖ΔΜ͡Ό

32. Case.2 ಈ࡞֬ೝ • Ϩεϙϯεॻ͖׵͑ํ๏ 3छྨ • Map Local • Break

    Points / Edit Response • Rewrite ผͷαʔόΛࢀর͍ͤͨ͞ͱ͖͸ɺ Map Remote ΍ DNS SpoolingͰ ผͷυϝΠϯ/IPʹࢀরͤ͞Δͷ΋ΞϦ͡Ό

33. Case.2 ಈ࡞֬ೝ • Map Local • ϩʔΧϧͷϑΝΠϧΛࢀরͤ͞Δ • ྫ: https://hoge.jp/user/1


    ΁ͷϦΫΤετͷͱ͖͸
 /Users/kumamoto/user1.json
 Λฦ͢ ӈΫϦοΫϝχϡʔ͔Β Map Local Λબ୒

34. Case.2 ಈ࡞֬ೝ • Break Points • ΠϯλϥΫςΟϒʹ಺༰Λฤू • ϦΫΤετ/Ϩεϙϯε
 ͷࡍʹμΠΞϩά্ཱ͕͕ͪΔ

    • Edit Response Ͱฤू ӈΫϦοΫϝχϡʔ͔Β BreakPoints Λબ୒

35. Case.2 ಈ࡞֬ೝ • Rewrite • ಛఆͷਖ਼نදݱͰॻ׵͑ͳͲ • ྫ: user-agentΛಈతʹॻ͖׵͑ Tools

    > Rewrite ͔Βબ୒

36. Case.2 ಈ࡞֬ೝ 3FXSJUF .BQ
    -PDBM #SFBL
    1PJOUT ϨεϙϯεΛʢԿ౓΋ʣࠩ͠ସ͍͑ͨʂ
    PS
    λΠϜΞ΢τ͕ઃఆ͞Ε͍ͯΔ ࣗಈͰॻ͖׵͑ΔϧʔϧΛઃఆ͍ͨ͠ʂ ϨεϙϯεΛʢͬ͘͞ͱʣࠩ͠ସ͍͑ͨʂ
    PS
    ϦΫΤετΛࠩ͠ସ͍͑ͨ

37. Case.2 ಈ࡞֬ೝ • APIͷ୲౰ऀ͕ผͷ৔߹͸ɺ
 ରԠΛ଴ͨͣʹਐΊΒΕΔ • Մมͷ UILabel ͷදࣔ͸่Ε͕ͪ •

    վߦ͸ͨͩ͘͠͞Ε͍ͯΔ͔ʁ • ຤ඌ͸ʮ…ʯʹͳ͍ͬͯΔ͔ʁ • ࣗಈςετ΍UnitςετͳͲ
 Ͱ΋୲อͰ͖Δͱ˓ ίʔυϨϏϡʔ༻ͷΩϟϓνϟ

38. ·ͱΊ

39. ·ͱΊ • Charles Proxy ͷ঺հ • ͍Ζ͍Ζͳػೳ͕͋Δ • ΞϓϦ։ൃͰಛʹศརͳػೳ •

    ௨৴಺༰Λݟ΍͘͢දࣔ • ௨৴಺༰ͷࠩସ͑ • Map Local / Break Points / Rewrite • ҟৗܥ΍ɺUIͷදࣔ֬ೝʹศར

40. Α͖σόοάϥΠϑΛ

41. Thank you!

42. ෇࿥: Charles ͷઃఆ

43. Πϯετʔϧ • μ΢ϯϩʔυͯ͠ dmg ϑΝΠϧΛ࣮ߦ ϋϚΓͲ͜Ζφγ • HomebrewͰ΋ೖΔΈ͍ͨͰ͢ ( ɾ㲆ɾ)ͭ

    $ brew install charles Windows ͸ .msi , Linux ͸ APT/YUM ͰೖΔ

44. ىಈ • Grant PrivilegesΛ
 બ୒ͯࣗ͠ಈઃఆ • ͜Ε͚ͩͰ
 ͍͍ͩͨͷΞϓϦͷ
 ௨৴಺༰͕ݟΕΔ •

    SSL(HTTPS)Ͱ҉߸Խ
 ͞Ε͍ͯΔ಺༰͸
 ઃఆ͕ඞཁʢ࣍ϖʔδʣ

45. SSL ϓϩΩγઃఆ • Enable SSL Proxying ʹνΣοΫ͕ೖ͍ͬͯΔ͜ͱΛ֬ೝ • Proxy >

    SSL Proxy Settings ͔Β༗ޮʹ͢ΔυϝΠϯΛઃఆʢ* Ͱશ෦ʣ

46. ূ໌ॻΛొ࿥ • Help > SSL Proxying > Install Charles Root

    Certificate • ূ໌ॻΛʮৗʹ৴པʯ ݕࡧ૭Λ࢖͏ͱ͍͍͍ͧ

47. SSLͷ௨৴͕ݟΕΔΑ͏ʹͳͬͨ

48. iOS࣮ػͷઃఆ • ઃఆ > Wi-Fi > (઀ଓதͷSSID) > ϓϩΩγΛߏ੒ >

    खಈ • Charles ͷ IPΞυϨεͱϙʔτ(8888)ΛೖΕΔ IPΞυϨεΛௐ΂ͯiPhoneʹೖྗ͍ͨ͠ͱ͖͸ɺ ͯ͠ɺϢχόʔαϧΫϦοϓϘʔυ΁௥Ճ͢Δͱศར͡Ό ศརͳ͜ͱΛ ڭ͑ͯ͘ΕΔത࢜ • Charles ͷ Help > Local IP Address ϝχϡʔͰίϐʔ ifconfig΍MacͷWiFiϚʔΫΛopt+ΫϦοΫͰ΋OK

49. iOS࣮ػͷઃఆ • Charles ʹܨ͍ͰΔঢ় ଶͰ Safari Ͱ https:// chls.pro/ssl ʹΞΫηε

    ͯ͠ূ໌ॻΛΠϯετʔ ϧ • Ұൠ > ৘ใ > ৴པॻઃ ఆ > Charles Proxy CA Λ Φϯ(iOS10.3ʙ)

50. iOS Simulator ͷઃఆ • Help > SSL Proxying > Install

    Charles Root Certificate in iOS Simulator • iOS Simulator ͕͢Ͱʹ্ཱ͕͍ͪͬͯΔ৔߹͸ɺ
 Charles → iOS Simulator ͷॱʹ্ཱͪ͛௚͢

51. EOP