Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

linux 平台无法抓包 #1037

Closed
ponponon opened this issue Jan 17, 2024 · 12 comments
Closed

linux 平台无法抓包 #1037

ponponon opened this issue Jan 17, 2024 · 12 comments

Comments

@ponponon
Copy link

ponponon commented Jan 17, 2024
edited
Loading

我在 ubuntu22.04 和 debian12 都测试了,运行 w2 restart --init 会下面的内容

─➤  w2 restart --init
[i] whistle@2.9.63 restarted
[i] 1. use your device to visit the following URL list, gets the IP of the URL you can access:
       http://127.0.0.1:8899/
       http://192.168.31.245:8899/
       http://172.26.0.1:8899/
       http://172.21.2.1:8899/
       http://172.21.3.1:8899/
       http://172.21.1.1:8899/
       http://172.21.0.1:8899/
       http://172.21.10.1:8899/
       Note: If all the above URLs are unable to access, check the firewall settings
             For help see https://github.com/avwo/whistle
[i] 2. set the HTTP proxy on your device with the above IP & PORT(8899)
[i] 3. use Chrome to visit http://local.whistlejs.com/ to get started
Platform linux is unsupported to set global proxy for now.
Platform linux is unsupported to install root CA for now.

且无法抓包,手机访问某些网站直接无法访问,w2 web 界面上也看不到对应的包

> 已经在手机上安装 rootca.pro 证书

图片

但是把 w2跑在 mac 下面就是一切正常,w2没有异常输出,手机的数据也可以被 mac 上的 w2 抓包到

╭─ponponon@MBP13ARM ~
╰─➤  w2 restart                                                                                                                                                                                       130 ↵
[i] whistle@2.9.61 restarted
[i] 1. use your device to visit the following URL list, gets the IP of the URL you can access:
       http://127.0.0.1:8899/
       http://192.168.31.103:8899/
       Note: If all the above URLs are unable to access, check the firewall settings
             For help see https://github.com/avwo/whistle
[i] 2. set the HTTP proxy on your device with the above IP & PORT(8899)
[i] 3. use Chrome to visit http://local.whistlejs.com/ to get started
@avwo
Copy link
Owner

avwo commented Jan 18, 2024

linux 要自己手动安装根证书 https://wproxy.org/whistle/webui/https.html

@avwo avwo closed this as completed Jan 18, 2024
@ponponon
Copy link
Author

linux 要自己手动安装根证书 https://wproxy.org/whistle/webui/https.html

linux 下使用 Whistle, 去哪里下载 rootCA.crt

https://wproxy.org/whistle/webui/https.html 这个教程只说要下载 rootCA.crt ,但是没说 linux 下怎么下载。上面只有一个二维码,我的 linux 服务器也没有摄像头呀

@ponponon
Copy link
Author

linux 要自己手动安装根证书 https://wproxy.org/whistle/webui/https.html

linux 下使用 Whistle, 去哪里下载 rootCA.crt

https://wproxy.org/whistle/webui/https.html 这个教程只说要下载 rootCA.crt ,但是没说 linux 下怎么下载。上面只有一个二维码,我的 linux 服务器也没有摄像头呀

我知道了,先启动 w2

─➤  w2 start --init
[!] whistle@2.9.63 is running
[i] 1. use your device to visit the following URL list, gets the IP of the URL you can access:
       http://127.0.0.1:8899/
       http://192.168.168.42:8899/
       Note: If all the above URLs are unable to access, check the firewall settings
             For help see https://github.com/avwo/whistle
[i] 2. set the HTTP proxy on your device with the above IP & PORT(8899)
[i] 3. use Chrome to visit http://local.whistlejs.com/ to get started
Platform linux is unsupported to set global proxy for now.
Platform linux is unsupported to install root CA for now.

然后找个浏览器打开上面的地址,然后选择 HTTPS

图片

在点击二维码,就会自动下载

图片

@ponponon
Copy link
Author

ponponon commented Jan 18, 2024
edited
Loading

linux 要自己手动安装根证书 https://wproxy.org/whistle/webui/https.html

╰─➤  w2 start --init
[i] whistle@2.9.63 started
[i] 1. use your device to visit the following URL list, gets the IP of the URL you can access:
       http://127.0.0.1:8899/
       http://192.168.168.42:8899/
       Note: If all the above URLs are unable to access, check the firewall settings
             For help see https://github.com/avwo/whistle
[i] 2. set the HTTP proxy on your device with the above IP & PORT(8899)
[i] 3. use Chrome to visit http://local.whistlejs.com/ to get started
Platform linux is unsupported to set global proxy for now.
Platform linux is unsupported to install root CA for now.
(wechatimagesearch-BoMovYbH) ╭─pon@wechat-console ~/code/work/vobile-it/wechatimagesearch  ‹master*› 
╰─➤  w2 restart     
[i] whistle@2.9.63 restarted
[i] 1. use your device to visit the following URL list, gets the IP of the URL you can access:
       http://127.0.0.1:8899/
       http://192.168.168.42:8899/
       Note: If all the above URLs are unable to access, check the firewall settings
             For help see https://github.com/avwo/whistle
[i] 2. set the HTTP proxy on your device with the above IP & PORT(8899)
[i] 3. use Chrome to visit http://local.whistlejs.com/ to get started
图片

但是我给 linux 安装了 rootCA.crt ,然后 linux 上的 w2 还是看不到手机的流量包 @avwo

╰─➤  ll /usr/share/ca-certificates/ | grep root
1080550 drwxr-xr-x      2    -      - root root  17 1月  14:11 mozilla
1106254 .rw-r--r--      1 1.5k      8 root root  18 1月  18:27 rootCA.crt
(wechatimagesearch-BoMovYbH) ╭─pon@wechat-console ~/code/work/vobile-it/wechatimagesearch  ‹master*› 
╰─➤  cd /usr/share/ca-certificates/
(wechatimagesearch-BoMovYbH) ╭─pon@wechat-console /usr/share/ca-certificates  
╰─➤  su -
密码: 
root@wechat-console:~# reboot^C
root@wechat-console:~# ^C
root@wechat-console:~# echo "rootCA.crt" >> /etc/ca-certificates.conf && update-ca-certificates^C
root@wechat-console:~# cd /usr/share/ca-certificates/
root@wechat-console:/usr/share/ca-certificates# 
root@wechat-console:/usr/share/ca-certificates# 
root@wechat-console:/usr/share/ca-certificates# 
root@wechat-console:/usr/share/ca-certificates# echo "rootCA.crt" >> /etc/ca-certificates.conf && update-ca-certificates
Updating certificates in /etc/ssl/certs...
0 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d...
done.
root@wechat-console:/usr/share/ca-certificates# trust list | grep -i whistle
    label: whistle.1705573127768146

这个也勾选了

图片

安卓手机也安装证书了

手机是小米 14

图片

图片

图片

我的 linux 服务器是 debian12

╰─➤  cat /etc/os-release           
PRETTY_NAME="Debian GNU/Linux 12 (bookworm)"
NAME="Debian GNU/Linux"
VERSION_ID="12"
VERSION="12 (bookworm)"
VERSION_CODENAME=bookworm
ID=debian
HOME_URL="https://www.debian.org/"
SUPPORT_URL="https://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"

@avwo
Copy link
Owner

avwo commented Jan 18, 2024

ssl pinning 暂时无常规解

@ponponon
Copy link
Author

ssl pinning 暂时无常规解

是不是我要抓取的这些,只能是 w2+mac 或者 w2+win 才行?因为 mac 下我验证过是正常的,但是想把 w2 部署到 linux 服务器的时候,发现 w2 抓不到之前部署在 mac 上的那种包了

@ponponon
Copy link
Author

ponponon commented Jan 18, 2024
edited
Loading

我发现可以抓包了

图片

解决办法是,我的小米14 上的 rootca.pro 的证书是来自 mac 上的 w2

然后我把小米14 上的证书都删除(清除凭证)

重新打开浏览器输入 rootca.pro 下载 debian12 上的 rootCA.crt 再安装就好了,就能抓包了

图片

所以如果重新安装了 w2,是不是 rootCA.crt 证书内容会发生变化需要重新安装?

@ponponon
Copy link
Author

ssl pinning 暂时无常规解

如果重新安装了 w2,是不是 rootCA.crt 证书内容会发生变化需要重新安装?

@avwo
Copy link
Owner

avwo commented Jan 18, 2024

不需要

@ponponon
Copy link
Author

ponponon commented Jan 18, 2024
edited
Loading

图片

我对比了一下现在新的 linux 上的 rootCA.crt 内容和之前在 mac 上生成的 rootCA.crt ,发现内容是不一样的

@ponponon
Copy link
Author

图片

我对比了一下现在新的 linux 上的 rootCA.crt 内容和之前在 mac 上生成的 rootCA.crt ,发现内容是不一样的

是不同机器会生成的 rootCA.crt 会不一样,还是不同操作系统生成的 rootCA.crt 会不一样?

@avwo
Copy link
Owner

avwo commented Jan 18, 2024

对,不同机器或同一系统不同账号不同

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@avwo @ponponon