Charles でネットワークデバッギング

Slide 1

Slide 1 text

Charles Ͱ ωοτϫʔΫσόοΪϯά 2018/09/01 13:30ʙ13:45 Track C iOSDC 2018 twitter.com/kumamo_tone qiita.com/kumamotone github.com/kumamotone

Slide 2

Slide 2 text

ࣗݾ঺հ • Kazumasa Kumamoto (۽ຊ ࿨ਖ਼) • iOS/AndroidΞϓϦΤϯδχΞˏϠϑʔ • ษڧձӡӦ • Twitter: @kumamo_tone

Slide 3

Slide 3 text

No content

Slide 4

Slide 4 text

͜ͷࢿྉ • Charles ͷ঺հ • ࢖͍͔ͨͱ࢖͍Ͳ͜Ζ • ର৅ऀ • CharlesΛ࢖͍ͬͯͳ͍ਓ • ΑΓྑ͍σόοάͷํ๏Λ  ߟ͍͑ͨਓ

Slide 5

Slide 5 text

ͳͥ Charles Λ࢖͏ͷ͔ʁ

Slide 6

Slide 6 text

ͳͥ Charles Λ࢖͏ͷ͔ʁ WebAPI iOSΞϓϦ ௨৴Λߦ͏ҰൠతͳΞϓϦ

Slide 7

Slide 7 text

ෆ۩߹ͷݪҼ͸ͨ͘͞Μ͋Δ Ҿ༻: Introducing Charles for iOS, HUNTING THE NETWORKING FAULT@try! Swift Tokyo 2018 ϦΫΤετ͸ ૹ৴͞Ε͍ͯΔ͔ʁ ਖ਼͍͠ ϦΫΤετ͔ͩͬͨʁ αʔό͸ Ԡ౴͍ͯ͠Δͷ͔ʁ ωοτϫʔΫ͸ ௨͍ͯ͡Δ͔ʁ ΫϥΠΞϯτͷॲཧ͸ ਖ਼͍͔͠ʁ Ϩεϙϯε͸ ਖ਼͔ͬͨ͠ͷ͔ʁ

Slide 8

Slide 8 text

Ͳ͏΍ͬͯௐ΂Α͏ʁ • print / σόοΨͰ Breakpoint / LLDB ίϚϯυ • extension ΍ϥΠϒϥϦΛ༻ҙͯ͠ɺϩάΛు͘ Codable ͷϚοϐϯάʹࣦഊ͍ͯ͠Δ৔߹΍ɺ  ϨεϙϯεϔομͳͲɺσόοΨͰ͸ͨͲΓ͖ͭʹ͍͘෦෼͸ʁ Ͳͷํ๏Ͱ΋Ͱ͖Δ͕ɺ৭ʑͳํ๏Λ஌ͬͯ  ͍ΔͱɺॊೈʹରԠͰ͖Δέʔε͕૿͑ΔΜ͡Ό ౰ͨΓલͷ͜ͱΛ ݴ͏ത࢜ → XcodeΛ࢖Θͣʹௐ΂Δํ΋͋Δ

Slide 9

Slide 9 text

Slide 10

Slide 10 text

Charles Proxy

Slide 11

Slide 11 text

Charles ProxyͰͰ͖Δ͜ͱ • ௨৴ͷؒʹڬΉ͜ͱͰɺ಺༰Λݟ΍͘͢දࣔͯ͘͠ΕΔ ϦΫΤετͷ͸999Ͱɺ Ϩεϙϯε͸:::΍ͬͨͰ

Slide 12

Slide 12 text

ͨͩ͘͠σόοάͰ͖Ε͹ฏ࿨ʹͳΔ ֬ೝ͚ͨ͠Ͳ ΞϓϦͷϩδοΫ͸ ਖ਼ͦ͠͏͔ͩΒ ΍ͬͺΓ"1*͕ ͓͔͍͠ͱࢥ͏ Ϩεϙϯεϔομͷ 999͕ෆ଍͍ͯ͠Δ ͔΋ͳͷͰɺ֬͝ೝ ͍͚ͨͩ·͔͢ʁ ˚ɹແ༻ͳ૪͍Λট͘ Մೳੑ͕͋Δ ˕ɹ͍ͭ͜…Ͱ͖Δοʂ

Slide 13

Slide 13 text

Charles ͷ঺հ

Slide 14

Slide 14 text

• ΫϩεϓϥοτϑΥʔϜ (mac OS / Windows / Linux) • HTTPϓϩΩγ • ༗ঈ (ࢼ༻൛͋Γ) Charles Web Debugging Proxy Charles ʹ  ϦΫΤετ ୺຤ͷ୅ΘΓʹ  Charles͕ϦΫΤετ ௨৴Λ$IBSMFT1SPYZΛܦ༝ͤ͞Δ͜ͱͰɺ  $IBSMFTΛ௨ͬͨ௨৴ͷ಺༰ΛӾཡͨ͠Γɺ  ॻ͖׵͑ͨΓͰ͖Δ

Slide 15

Slide 15 text

• ϦΫΤετ/Ϩεϙϯεͷ಺༰ͷදࣔ • ϦΫΤετ/Ϩεϙϯεͷ಺༰ͷॻ׵͑ • γεςϜઃఆͷࣗಈઃఆ • SSL/HTTPSαϙʔτ • SSL pinning ͱ͍͏ٕज़Λ࢖͑͹౪ௌɺվ͟ΜΛ๷ࢭͰ͖·͢ ػೳ

Slide 16

Slide 16 text

SSL Pinning ͱ࣮૷ํ๏ʢউखʹએ఻ʣ

Slide 17

Slide 17 text

ػೳ • Throttle • 3GճઢͷγϛϡϨʔτ • Map Remote • ಛఆͷHost, Path, Query  ʹରԠ͢ΔϦΫΤετΛɺ  ผͷHost, Path, Queryʹసૹ͢Δ • DNS Spooling • DNS ͕ղܾ͢ΔIPΞυϨεΛมߋ • ηογϣϯͷอଘ/࠶ੜ(Auto Save Մ) • BlackList/WhiteList • ௨৴Λ௨͢/௨͞ͳ͍υϝΠϯΛࢦఆ • Port Forwarding • ผͷϙʔτΛࢦఆ • Protocol Buffers αϙʔτ • HTTP 2αϙʔτ

Slide 18

Slide 18 text

͓΋͠Ζʢʁʣػೳ • Mirror • ϨεϙϯεΛϩʔΧϧʹอଘ • ൒खಈΫϩʔϦϯάʹศར • Flash • AMFαϙʔτ • Command-line Tools • ϔουϨεϞʔυ • Web Interface • http://control.charles/ Ͱ  ઃఆͷΦϯΦϑͳͲͷૢ࡞͕Մೳ  Ϩεϙϯε͕ݟΕΔΘ͚Ͱ͸ͳ͍

Slide 19

Slide 19 text

ͦͷ΄͔ͷબ୒ࢶ • mitmproxy • Charles ͱಉ͘͡  Man-In-The-Middle ܕ ϓϩΩγ • Python ੡ OSS (brew/pipͰೖΔ) • CUI / Web ΠϯλϑΣʔε(β) • Python εΫϦϓςΟϯά API Charles ͷັྗ͸ɺݟ΍͢͞ɺ࢖͍΍͢͞

Slide 20

Slide 20 text

Charles for iOS • ݕূ୺຤ͷΈͰ௨৴಺༰ͷ֬ೝ͕Ͱ͖Δ • ࢖͍Ͳ͜Ζ • ݕূ୺຤ͱmacͷωοτϫʔΫ͕ҧ͏ • ΑΓखܰʹʢग़ઌͱ͔ʣ • ηογϣϯͷอଘ • Airdrop Ͱ mac ͱڞ༗ • Cellular ճઢͰͷσόοά

Slide 21

Slide 21 text

Πϯετʔϧɾઃఆํ๏ 1. Homebrew ͔ dmg ͔ΒΠϯετʔϧ (macOS ͷ৔߹) 2. Proxy > SSL Proxy Settings ͔Β༗ޮʹ͢ΔυϝΠϯΛઃఆ 3. ূ໌ॻΛΠϯετʔϧ 4. ূ໌ॻΛ৴པʢmacOS, iOS ͸ಛʹ 10.3ʙʣ • ৄ͘͠͸εϥΠυ຤ඌͷ෇࿥Λ͝ཡ͍ͩ͘͞

Slide 22

Slide 22 text

࢖͍ํͱ࢖͍Ͳ͜Ζ

Slide 23

Slide 23 text

࢖͍ํͱ࢖͍Ͳ͜Ζ • Case.1 ݪҼௐࠪ • ϦΫΤετͱϨεϙϯεΛ֬ೝͯ͠ղܾ • Case.2 ಈ࡞֬ೝ • ϦΫΤετͱϨεϙϯεΛॻ͖׵͑ͯղܾ

Slide 24

Slide 24 text

Case.1 ݪҼௐࠪ • ීஈͷσόοάͷͱ͖ 8FC"1*ͱͷ௨৴ͱɺ ͦͷલޙͷॲཧ͕  ͏·͍͍ͬͯ͘ͳ͍ؾ͕͢Δ ͕ɺݪҼ͕Θ͔Βͳ͍ʜ Codable ͷϚοϐϯάҎલʹࣦഊ͍ͯ͠Δ৔߹΍ɺ  σόοΨͰ͸ͨͲΓ͖ͭʹ͍͘෦෼Λݟ͍ͨͱ͖ʹ࢖͏ͱྑ͍

Slide 25

Slide 25 text

Case.1 ݪҼௐࠪ • ʮαʔόʔͷฦ٫஋͕දࣔ͞Ε͍ͯͳ͍ʯͱڭ͑ͯ΋Βͬͨͱ͖ ֬͝ೝ ͓ئ͍͠·͢ ֬ೝ͠·͢ ۓٸͷ৔߹Ͱ΋ɺྫྷ੩ʹ·ͣCharlesΛ։͖·͢

Slide 26

Slide 26 text

Case.1 ݪҼௐࠪ • ϦΫΤετ͸ૹΕ͍ͯΔ͔ʁ Filter ͰߜΓࠐΈ Focus ͰߜΓࠐΈ

Slide 27

Slide 27 text

Case.1 ݪҼௐࠪ • ϦΫΤετ͸ͨͩ͘͠ૹΒΕ͍ͯΔ͔ʁ • Overview • Ϩεϙϯείʔυ΍  ௨৴ʹ͔͔ͬͨ࣌ؒͳͲ

Slide 28

Slide 28 text

Case.1 ݪҼௐࠪ • ϦΫΤετ͸ͨͩ͘͠ૹΒΕ͍ͯΔ͔ʁ • Contents -> Headers • ϔομ৘ใ • Contents -> Query String • ύϥϝʔλ

Slide 29

Slide 29 text

Case.1 ݪҼௐࠪ • ϦΫΤετ͸ͨͩ͘͠ૹΒΕ͍ͯΔ͔ʁ • ɹɹɹ Λબ୒͢Δͱ  ϦΫΤετͷύϥϝʔλͳͲΛ  ม͑ͯ࠶ϦΫΤετͰ͖Δ

Slide 30

Slide 30 text

Case.1 ݪҼௐࠪ • Ϩεϙϯεͷ಺༰͸૝ఆͱ߹͍ͬͯΔ͔ʁ • Contents -> JSON • JSON Λݟ΍͘͢දࣔ • Contents -> JSON Text • JSON Λ੔ܗͯ͠දࣔ

Slide 31

Slide 31 text

Case.2 ಈ࡞֬ೝ • ౤ߘ࣌ͷΤϥʔίʔυ౳ʹΑͬͯΤϥʔϝοηʔδΛมߋ͍ͨ͠ • ຤ඌͷηϧ͕޿ࠂͷ৔߹ͷΈ༨നௐ੔͍ͨ͠ ϞοΫΛ࡞ͬͨΓԾͷ஋ΛೖΕͯ΋͍͍͕ɺ  ΞϓϦΛฤू͢Δ͜ͱͳ͘ɺ  ϨεϙϯεΛࠩସ͑Δ͜ͱ΋Ͱ͖ΔΜ͡Ό

Slide 32

Slide 32 text

Case.2 ಈ࡞֬ೝ • Ϩεϙϯεॻ͖׵͑ํ๏ 3छྨ • Map Local • Break Points / Edit Response • Rewrite ผͷαʔόΛࢀর͍ͤͨ͞ͱ͖͸ɺ Map Remote ΍ DNS SpoolingͰ ผͷυϝΠϯ/IPʹࢀরͤ͞Δͷ΋ΞϦ͡Ό

Slide 33

Slide 33 text

Case.2 ಈ࡞֬ೝ • Map Local • ϩʔΧϧͷϑΝΠϧΛࢀরͤ͞Δ • ྫ: https://hoge.jp/user/1  ΁ͷϦΫΤετͷͱ͖͸  /Users/kumamoto/user1.json  Λฦ͢ ӈΫϦοΫϝχϡʔ͔Β Map Local Λબ୒

Slide 34

Slide 34 text

Case.2 ಈ࡞֬ೝ • Break Points • ΠϯλϥΫςΟϒʹ಺༰Λฤू • ϦΫΤετ/Ϩεϙϯε  ͷࡍʹμΠΞϩά্ཱ͕͕ͪΔ • Edit Response Ͱฤू ӈΫϦοΫϝχϡʔ͔Β BreakPoints Λબ୒

Slide 35

Slide 35 text

Case.2 ಈ࡞֬ೝ • Rewrite • ಛఆͷਖ਼نදݱͰॻ׵͑ͳͲ • ྫ: user-agentΛಈతʹॻ͖׵͑ Tools > Rewrite ͔Βબ୒

Slide 36

Slide 36 text

Case.2 ಈ࡞֬ೝ 3FXSJUF .BQ-PDBM #SFBL1PJOUT ϨεϙϯεΛʢԿ౓΋ʣࠩ͠ସ͍͑ͨʂ PSλΠϜΞ΢τ͕ઃఆ͞Ε͍ͯΔ ࣗಈͰॻ͖׵͑ΔϧʔϧΛઃఆ͍ͨ͠ʂ ϨεϙϯεΛʢͬ͘͞ͱʣࠩ͠ସ͍͑ͨʂ PSϦΫΤετΛࠩ͠ସ͍͑ͨ

Slide 37

Slide 37 text

Case.2 ಈ࡞֬ೝ • APIͷ୲౰ऀ͕ผͷ৔߹͸ɺ  ରԠΛ଴ͨͣʹਐΊΒΕΔ • Մมͷ UILabel ͷදࣔ͸่Ε͕ͪ • վߦ͸ͨͩ͘͠͞Ε͍ͯΔ͔ʁ • ຤ඌ͸ʮ…ʯʹͳ͍ͬͯΔ͔ʁ • ࣗಈςετ΍UnitςετͳͲ  Ͱ΋୲อͰ͖Δͱ˓ ίʔυϨϏϡʔ༻ͷΩϟϓνϟ

Slide 38

Slide 38 text

·ͱΊ

Slide 39

Slide 39 text

·ͱΊ • Charles Proxy ͷ঺հ • ͍Ζ͍Ζͳػೳ͕͋Δ • ΞϓϦ։ൃͰಛʹศརͳػೳ • ௨৴಺༰Λݟ΍͘͢දࣔ • ௨৴಺༰ͷࠩସ͑ • Map Local / Break Points / Rewrite • ҟৗܥ΍ɺUIͷදࣔ֬ೝʹศར

Slide 40

Slide 40 text

Α͖σόοάϥΠϑΛ

Slide 41

Slide 41 text

Thank you!

Slide 42

Slide 42 text

෇࿥: Charles ͷઃఆ

Slide 43

Slide 43 text

Πϯετʔϧ • μ΢ϯϩʔυͯ͠ dmg ϑΝΠϧΛ࣮ߦ ϋϚΓͲ͜Ζφγ • HomebrewͰ΋ೖΔΈ͍ͨͰ͢ ( ɾ㲆ɾ)ͭ $ brew install charles Windows ͸ .msi , Linux ͸ APT/YUM ͰೖΔ

Slide 44

Slide 44 text

ىಈ • Grant PrivilegesΛ  બ୒ͯࣗ͠ಈઃఆ • ͜Ε͚ͩͰ  ͍͍ͩͨͷΞϓϦͷ  ௨৴಺༰͕ݟΕΔ • SSL(HTTPS)Ͱ҉߸Խ  ͞Ε͍ͯΔ಺༰͸  ઃఆ͕ඞཁʢ࣍ϖʔδʣ

Slide 45

Slide 45 text

SSL ϓϩΩγઃఆ • Enable SSL Proxying ʹνΣοΫ͕ೖ͍ͬͯΔ͜ͱΛ֬ೝ • Proxy > SSL Proxy Settings ͔Β༗ޮʹ͢ΔυϝΠϯΛઃఆʢ* Ͱશ෦ʣ

Slide 46

Slide 46 text

ূ໌ॻΛొ࿥ • Help > SSL Proxying > Install Charles Root Certiﬁcate • ূ໌ॻΛʮৗʹ৴པʯ ݕࡧ૭Λ࢖͏ͱ͍͍͍ͧ

Slide 47

Slide 47 text

SSLͷ௨৴͕ݟΕΔΑ͏ʹͳͬͨ

Slide 48

Slide 48 text

iOS࣮ػͷઃఆ • ઃఆ > Wi-Fi > (઀ଓதͷSSID) > ϓϩΩγΛߏ੒ > खಈ • Charles ͷ IPΞυϨεͱϙʔτ(8888)ΛೖΕΔ IPΞυϨεΛௐ΂ͯiPhoneʹೖྗ͍ͨ͠ͱ͖͸ɺ ͯ͠ɺϢχόʔαϧΫϦοϓϘʔυ΁௥Ճ͢Δͱศར͡Ό ศརͳ͜ͱΛ ڭ͑ͯ͘ΕΔത࢜ • Charles ͷ Help > Local IP Address ϝχϡʔͰίϐʔ ifconﬁg΍MacͷWiFiϚʔΫΛopt+ΫϦοΫͰ΋OK

Slide 49

Slide 49 text

iOS࣮ػͷઃఆ • Charles ʹܨ͍ͰΔঢ় ଶͰ Safari Ͱ https:// chls.pro/ssl ʹΞΫηε ͯ͠ূ໌ॻΛΠϯετʔ ϧ • Ұൠ > ৘ใ > ৴པॻઃ ఆ > Charles Proxy CA Λ Φϯ(iOS10.3ʙ)

Slide 50

Slide 50 text

iOS Simulator ͷઃఆ • Help > SSL Proxying > Install Charles Root Certiﬁcate in iOS Simulator • iOS Simulator ͕͢Ͱʹ্ཱ͕͍ͪͬͯΔ৔߹͸ɺ  Charles → iOS Simulator ͷॱʹ্ཱͪ͛௚͢

Slide 51

Slide 51 text

EOP