折腾:
【未解决】用Charles抓取Android的app中的视频数据
期间,在Charles抓包的某http的method是CONNECT,返回的数据中,HEX模式:
中看到有个:
see current address at https://www.camerfirma.com/address
后记,后来从
Sequence-》选中请求-》下面的response部分-》RAW
中可以看到更加清楚的文字:
UES10U AC CAMERFIRMA10U AC Camerfirma S.A.10U A827432871K0I U BMadrid (see current address at https://www.camerfirma.com/address)1.0,U Camerfirma Corporate Server II - 20150 170422083215Z 190422083215Z0s10UHANGZHOU10 UIT1+0)U "HANGZHOU FEIZHU TECHNOLOGY CO.,LTD10U*. xxx.com10 UCN0"0
想要搞清楚什么意思。
“AC Camerfirma SA provides authentication services to communications and electronic operations in the private sector worldwide. It operates as a third party for assuring electronic transactions through identity authentications that allow enterprises to sign electronic documents with technical and legal safety. The company provides public administration, organization, technical, citizen, and other certificates. It also offers Businesswear, a USB device that is used in electronic signature applications for officials, professional associations, legal representatives, executives, self-employed, sale people, valuation offices, and human resources personnel in small and medium enterprises, large co…”
->做认证的
C=EU, L=Madrid (see current address at www.camerfirma.com/address), serialNumber=A82743287, O=AC Camerfirma S.A., CN=Global Chambersign Root – 2008 – Censys
“asic Information
Subject DN
C=EU, L=Madrid (see current address at www.camerfirma.com/address), serialNumber=A82743287, O=AC Camerfirma S.A., CN=Global Chambersign Root – 2008
Issuer DN
C=EU, L=Madrid (see current address at www.camerfirma.com/address), serialNumber=A82743287, O=AC Camerfirma S.A., CN=Global Chambersign Root – 2008”
“Common name: Camerfirma Corporate Server II – 2015
Organization: AC Camerfirma S.A.
Location: Madrid (see current address at https://www.camerfirma.com/address), ES
Valid from January 15, 2015 to December 15, 2037 ”
SSL证书
SecureBlackbox:也是和安全有关
“C=EU, L=Madrid (see current address at www.camerfirma.com/address)/serialNumber=A82743287, O=AC Camerfirma S.A., CN=Chambers of Commerce Root – 2008″
其他还有:
“C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 1999 VeriSign, Inc. – For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority – G3”
看起来都是:
证书,ssl证书
支持的SSL证书
“Camerfirma
* CN=Chambers of Commerce Root – 2008,O=AC Camerfirma S.A.,serialNumber=A82743287,L=Madrid (see current address at www.camerfirma.com/address),C=EU
* CN=Chambers of Commerce Root,OU=http://www.chambersign.org,O=AC Camerfirma SA CIF A82743287,C=EU
* CN=Global Chambersign Root – 2008,O=AC Camerfirma S.A.,serialNumber=A82743287,L=Madrid (see current address at www.camerfirma.com/address),C=EU”
【总结】
现在就很清楚了:
CONNECT cdn2.xxx.cn:443 HTTP/1.1
去建立连接,用户app端点击播放视频时
response中的body中的data数据的最开始部分包含的
see current address at https://www.camerfirma.com/address
对应着是:
Camerfirma这个公司的SSL证书
-》可见,此处的数据应该是https,tls去加密的
-》从此请求的overview信息中,也可以看出来:
TLSv1.2 (TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256)
【后记】
后来在:
【未解决】给Android手机锤子M1L中安装Charles的pem证书文件
中,Android中 受信任的凭据 中,倒是看到了Camerfirma这个公司的一堆证书:
点击一个看详情:
转载请注明:在路上 » 【已解决】Charles抓包CONNECT返回的数据中see current address at https://www.camerfirma.com/address是什么