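Preparation:
1. Redmi Note 5 (any Android device will do)
2. ProxyPin app download
3. Autox.js download
I. Install the packet capture tool and verify it:
Install ProxyPin. Its SSL certificate must be installed at this step; otherwise some HTTPS packets cannot be captured. Open the app whose traffic you want to capture and check that capture works properly.
Set filter rules (app + domain name) so the captured data is easier to examine.
II. Receiving and processing the data on the backend
Add a ProxyPin script that submits the captured data to the backend application.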
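// Requests pass through unchanged.
async function onRequest(context, request) {
    return request;
}

// For every response, forward the request/response pair to the backend.
async function onResponse(context, request, response) {
    const data = {
        request: request,
        response: response
    };
    // "后端地址" is a placeholder: replace it with the URL of your backend.
    // The call is not awaited, so the app's response is not held up by the upload.
    fetch("后端地址", {
        method: "POST",
        headers: {
            "Content-Type": "application/json",
        },
        body: JSON.stringify(data),
    })
        .then((res) => res.json())
        .then((result) => {
            console.log("Success:", result);
        })
        .catch((error) => {
            console.error("Error:", error);
        });
    return response;
}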
Parameter definitions:
//context
{
    "os": "macos",
    "scriptName": "Your Script Name",
    "session": {} //Runtime session object; can be used to pass parameters between requests
}
//request
{
    "method": "<String> HTTP method, for example: GET, POST, ...",
    "host": "<String> Domain name, for example: www.baidu.com, localhost, ...",
    "path": "<String> URL path, for example: /v1/api",
    "queries": "<Map<String, String>> URL parameters as a JS dictionary object",
    "headers": "<Map<String, String>> All header key/value pairs as a JS dictionary object",
    "body": "<String> Request body as a string; to get an object from JSON, call JSON.parse(request.body)"
}
//response
{
    "statusCode": 200,
    "headers": "<Map<String, String>> All header key/value pairs as a JS dictionary object",
    "body": "<String> Response body as a string; to get an object from JSON, call JSON.parse(response.body)"
}
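The following is an added example, not code from the original page or from ProxyPin: one way the backend can handle the JSON that the script posts, validating the {request, response} shape, parsing the string bodies, and masking credential headers before anything is logged or stored. The names processCapture, redactHeaders and parseBody, the 2048-character truncation and the sample host are assumptions.

```javascript
// Header names whose values are credentials (matched case-insensitively).
const SENSITIVE = new Set(["authorization", "proxy-authorization", "cookie", "set-cookie"]);
// Mask credential-bearing header values so they never reach logs or storage.
function redactHeaders(headers) {
  const out = {};
  for (const [name, value] of Object.entries(headers || {})) {
    out[name] = SENSITIVE.has(name.toLowerCase()) ? "[REDACTED]" : value;
  }
  return out;
}

// ProxyPin passes bodies as strings: parse JSON when possible, else keep truncated text.
function parseBody(body) {
  if (typeof body !== "string" || body === "") return null;
  try {
    return JSON.parse(body);
  } catch (e) {
    return { raw: body.slice(0, 2048) };
  }
}

// Validate the POSTed JSON ({request, response}) and build a record that is safe to store.
function processCapture(rawJson) {
  let payload;
  try {
    payload = JSON.parse(rawJson);
  } catch (e) {
    throw new Error("payload is not valid JSON");
  }
  const { request, response } = payload || {};
  if (!request || typeof request.host !== "string" || !response) {
    throw new Error("payload must contain request and response objects");
  }
  return {
    method: request.method,
    url: request.host + (request.path || "/"),
    queries: request.queries || {},
    status: response.statusCode,
    requestHeaders: redactHeaders(request.headers),
    responseHeaders: redactHeaders(response.headers),
    requestBody: parseBody(request.body),
    responseBody: parseBody(response.body),
  };
}
// Constructed sample payload (not real traffic), shaped like the script's POST body.
const SAMPLE = JSON.stringify({
  request: { method: "GET", host: "api.example.com", path: "/v1/api", queries: { id: "1" }, headers: { Authorization: "Bearer constructed-token", "User-Agent": "demo" }, body: "" },
  response: { statusCode: 200, headers: { "set-cookie": "sid=constructed" }, body: "{\"code\":0}" },
});
```

Call processCapture on the raw POST body inside whatever HTTP handler the backend uses, and store only the returned record.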
III. Set up automation
Write an Autox.js automation script that automatically opens ProxyPin and the app; see the reference address.