Using Postern + Charles to capture network

1. Install Postern on your android device and install Charles on your computer

Postern @Github
Charles official website
After charles installed, you can go to https://www.zzzmode.com/mytools/charles/ to activate charles.

2. Set up charles

click “Proxy” on top bar and chose “Proxy settings…”
modify Http proxy and Socks proxy, the default port is “8888” and it may cause port occupied by some other programs like jupyter notebook, change the port of notebook or charles to solve this issue.

3. Set up Postern

Use charles to check your IP:
click “Help” on top bar and choose “Local IP Address”, it shows like this:

your IP always starts with “192.168.xx.xx”
Now go to your android device and open Postern, tap the left bar and choose “Proxy”, then tap “Add Proxy”. Input your IP address and server port, set server type to “SOCKS5” to capture more network. (modify Server Name whatever you want, this one is not important), then tap “Save”.


Then tap “Rules” on left bar and create a new rule by tapping “Add Rule”, choose “Proxy/Proxy Group” to the proxy you just set up, and save this rule.

turn on the VPN, usually you can see a key shaped icon(or the word of “VPN”) in your device’s top status bar.

Now, you should successfully capture the Http network in your android device. But you need more settings to capture Https web traffic.

Click “Proxy” on top bar of charles and choose “SSL Proxy Settings”, below the first function “SSL Prxoy”, add a new rule, we need to capture all the https network, so we need to set it to "Host: * , Port: 443"

Next step, we need to set up the Certificate on your device.
Click “Help” on top bar of charles and choose “SSL Proxy” --> “Install Charles Root Certificate on a Mobile Device or a Remote Browser”, then a dialog box will show up and tell you how to install it in detail.

But be ware that, you may have mutiple IP address, the IPv4 IP address you are using always starts with ‘192.168.xx.xx’, so in this case, the real IP you need to set is not ‘172.17.0.1’, you need to check by clicking “Help–>Local IP Address” in charles. The second IP is what we need.

Now, terminate Postern on your device. Go to system settings, tap “Network & Internet”, find the WIFI which both your computer and phone are using, edit it. Set the proxy method to “Manual”, and also “Proxy hostname: 192.168.28.126, Proxy port: 8888”, save it.
Open one browser, go to url: chls.pro/ssl, it can see the web like this.

your browser will start downloading the certificate.
After it downloaded, go to phone system settings --> Security & location --> Advanced --> Encryption & credentials --> Install from storage, select the certificate you just downloaded before and install it.
You can find it in “User credentials”, but it’s not enough, we need to make the user credentials to “Trusted credentials”. You can use some other tools to help you achieve this e.g. MT管理器, Magisk中的 Move Certificates模块. Follow the “Charles 手机证书配置” in my previous article https://blog.csdn.net/puppyinasock/article/details/129859887 to finish it.

After the certificate set up, set your wifi proxy to “None” and turn on Postern to start capturing!

4. Enable International network

Sometimes the target app or website needs international network, to enable this, go to charles, click “Proxy” --> “External Proxy Settings”. set Web Proxy Server of HTTP and HTTPS to 127.0.0.1:7890(by your proxy settings) and SOCKS Proxy to “127.0.0.1:7891”,

that’s it.