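Because WeChat 7.0 and later no longer trust manually added certificates, this example uses Fiddler with desktop WeChat / UWP WeChat to capture mini-program traffic (for mini-program debugging only).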

Prerequisites

Install Fiddler

If you know, you know: Fiddler.

https://www.telerik.com/download/fiddler

Install the FiddlerRoot certificate

Once Fiddler's self-signed certificate is trusted, the contents of HTTPS traffic can be decrypted.

While the traffic is still encrypted, the callback you see looks like this:

Referer: https://servicewechat.com/wxbebb3cdd9b331046/279/page-frame.html

Fiddler usage in detail

See the documentation:

https://docs.telerik.com/fiddler-everywhere/user-guide/main-menu.html

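Capturing traffic

Once started, Fiddler sets the system proxy to http=127.0.0.1:8888;https=127.0.0.1:8888;ftp=127.0.0.1:7890 so that it can listen to the machine's network traffic.

In AutoResponder you can use regular expressions to filter for the requests you want to see.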

Capturing mini-program traffic

Clear the session list, then open the mini-program; the captured packets appear.

Headers

POST https://xcx.www.gov.cn/ebus/gwymp/api/r/pagedisplay/ShowHomeBotmConfig? HTTP/1.1
Host: xcx.www.gov.cn
Connection: keep-alive
Content-Length: 2
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.143 Safari/537.36 MicroMessenger/7.0.9.501 NetType/WIFI MiniProgramEnv/Windows WindowsWechat
content-type: application/json
dgd-pre-release: 0
x-tif-did: lrntxntzCv
x-tif-openid: #
x-tif-sid: #
x-yss-city-code: 4400
x-yss-page: pages/index/index
Referer: https://servicewechat.com/wxbebb3cdd9b331046/279/page-frame.html
Accept-Encoding: gzip, deflate, br

{}

Decrypted content

{
    "errcode": 0,
    "errmsg": "",
    "data": {
        "face_expire": 0,
        "realname_expire": 0,
        "star_name": "",
        "star_cid": "",
        "name": "",
        "uid": "#",
        "phone": "",
        "cid_start_date": "",
        "cid_expire_date": "",
        "cid_type": "1000",
        "ext_data": ""
    }
}
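
The capture above has its openid, sid and uid values masked with "#" before publication. The following is an added example, not part of the original post or of Fiddler: it parses a raw request copied from a session, reads the mini-program AppID and version from the servicewechat.com Referer, and masks identifying headers before the capture is shared. The function names, the SENSITIVE set and the sample openid/sid values are assumptions made for illustration.

```python
import re

# Headers whose values identify a user or session. The x-tif-* names come from
# the capture above; Cookie and Authorization are standard HTTP headers.
SENSITIVE = {"x-tif-openid", "x-tif-sid", "cookie", "authorization"}
# Referer layout seen in the capture: https://servicewechat.com/<appid>/<version>/page-frame.html
REFERER_RE = re.compile(r"^https://servicewechat\.com/(wx[0-9A-Za-z]+)/([^/]+)/page-frame\.html$")

def parse_request(raw):
    """Split a raw HTTP/1.1 request into (request_line, [(name, value)], body)."""
    head, _, body = raw.replace("\r\n", "\n").partition("\n\n")
    lines = head.split("\n")
    headers = []
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if not sep:
            raise ValueError("malformed header line: %r" % line)
        headers.append((name.strip(), value.strip()))
    return lines[0], headers, body

def miniprogram_id(headers):
    """Return (appid, version) from the Referer, or None for non-mini-program traffic."""
    for name, value in headers:
        if name.lower() == "referer":
            m = REFERER_RE.match(value)
            return (m.group(1), m.group(2)) if m else None
    return None

def redact(raw, mask="#"):
    """Rebuild the request with sensitive header values replaced by the mask."""
    request_line, headers, body = parse_request(raw)
    out = [request_line]
    for name, value in headers:
        out.append("%s: %s" % (name, mask if name.lower() in SENSITIVE else value))
    return "\n".join(out) + "\n\n" + body

# Constructed sample modelled on the request above; the openid/sid values are made up.
SAMPLE = (
    "POST https://xcx.www.gov.cn/ebus/gwymp/api/r/pagedisplay/ShowHomeBotmConfig? HTTP/1.1\r\n"
    "x-tif-openid: constructed-openid-0001\r\n"
    "x-tif-sid: constructed-session-0001\r\n"
    "Referer: https://servicewechat.com/wxbebb3cdd9b331046/279/page-frame.html\r\n"
    "\r\n"
    "{}"
)

if __name__ == "__main__":
    print(miniprogram_id(parse_request(SAMPLE)[1]))
    print(redact(SAMPLE))
```

The response body needs the same treatment before sharing: fields such as uid, name and phone in the decrypted JSON identify the account.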

Debugging tools

Postman is recommended:

https://www.postman.com/downloads/