最新消息:20210917 已从crifan.com换到crifan.org

【已解决】Charles抓包CONNECT返回的数据中see current address at https://www.camerfirma.com/address是什么

current crifan 710浏览 0评论
折腾:
【未解决】用Charles抓取Android的app中的视频数据
期间,在Charles抓包的某http的method是CONNECT,返回的数据中,HEX模式:
中看到有个:
https://www.camerfirma.com/address
see current address at https://www.camerfirma.com/address
后记,后来从
Sequence-》选中请求-》下面的response部分-》RAW
中可以看到更加清楚的文字:
UES10U
AC CAMERFIRMA10U
AC Camerfirma S.A.10U    A827432871K0I U BMadrid (see current address at 
https://www.camerfirma.com/address)1.0,U
 Camerfirma Corporate Server II - 20150
170422083215Z
190422083215Z0s10UHANGZHOU10    UIT1+0)U
"HANGZHOU FEIZHU TECHNOLOGY CO.,LTD10U*.
xxx.com10
    UCN0"0
想要搞清楚什么意思。
AC Camerfirma SA: Private Company Information – Bloomberg
“AC Camerfirma SA provides authentication services to communications and electronic operations in the private sector worldwide. It operates as a third party for assuring electronic transactions through identity authentications that allow enterprises to sign electronic documents with technical and legal safety. The company provides public administration, organization, technical, citizen, and other certificates. It also offers Businesswear, a USB device that is used in electronic signature applications for officials, professional associations, legal representatives, executives, self-employed, sale people, valuation offices, and human resources personnel in small and medium enterprises, large co…”
->做认证的
C=EU, L=Madrid (see current address at www.camerfirma.com/address), serialNumber=A82743287, O=AC Camerfirma S.A., CN=Global Chambersign Root – 2008 – Censys
https://censys.io/certificates/136335439334a7698016a0d324de72284e079d7b5220bb8fbd747816eebebaca
“asic Information
Subject DN
C=EU, L=Madrid (see current address at www.camerfirma.com/address), serialNumber=A82743287, O=AC Camerfirma S.A., CN=Global Chambersign Root – 2008
Issuer DN
C=EU, L=Madrid (see current address at www.camerfirma.com/address), serialNumber=A82743287, O=AC Camerfirma S.A., CN=Global Chambersign Root – 2008”
像是全局的 root认证 证书中的信息
“Common name: Camerfirma Corporate Server II – 2015
Organization: AC Camerfirma S.A.
Location: Madrid (see current address at https://www.camerfirma.com/address), ES
Valid from January 15, 2015 to December 15, 2037 ”
SSL证书
Xades – Validating Certificate – Forum «SecureBlackbox»
SecureBlackbox:也是和安全有关
PacketTotal – b6b820c61c34e6aeff7693319fe3b790 Analysis
Certificate Authorities Trusted by the Device
“C=EU, L=Madrid (see current address at www.camerfirma.com/address)/serialNumber=A82743287, O=AC Camerfirma S.A., CN=Chambers of Commerce Root – 2008″
其他还有:
“C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 1999 VeriSign, Inc. – For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority – G3”
看起来都是:
证书,ssl证书
Supported SSL Certificates
支持的SSL证书
“Camerfirma
* CN=Chambers of Commerce Root – 2008,O=AC Camerfirma S.A.,serialNumber=A82743287,L=Madrid (see current address at www.camerfirma.com/address),C=EU
* CN=Chambers of Commerce Root,OU=http://www.chambersign.org,O=AC Camerfirma SA CIF A82743287,C=EU
* CN=Global Chambersign Root – 2008,O=AC Camerfirma S.A.,serialNumber=A82743287,L=Madrid (see current address at www.camerfirma.com/address),C=EU
【总结】
现在就很清楚了:
CONNECT cdn2.xxx.cn:443 HTTP/1.1
去建立连接,用户app端点击播放视频时
response中的body中的data数据的最开始部分包含的
see current address at https://www.camerfirma.com/address
对应着是:
Camerfirma这个公司的SSL证书
-》可见,此处的数据应该是https,tls去加密的
-》从此请求的overview信息中,也可以看出来:
TLSv1.2 (TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256)
【后记】
后来在:
【未解决】给Android手机锤子M1L中安装Charles的pem证书文件
中,Android中 受信任的凭据 中,倒是看到了Camerfirma这个公司的一堆证书:
点击一个看详情:

转载请注明:在路上 » 【已解决】Charles抓包CONNECT返回的数据中see current address at https://www.camerfirma.com/address是什么

发表我的评论
取消评论

表情

Hi,您需要填写昵称和邮箱!

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址
106 queries in 0.199 seconds, using 20.05MB memory