Installation

Download Fiddler from https://www.telerik.com/download/fiddler

Using Fiddler

Basic configuration

  1. Open Fiddler and display the commonly used toolbar.

  2. Configure the proxy port.

[Tools] > [Options] > [Connections]
Set the port and tick the corresponding options below it.

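Starting a capture

  1. Capture the username and password sent when a user logs in to the site http://47.100.175.62:3000/

The login request uses the POST method.
The login request URL is http://47.100.175.62:3000/signin
Because this site is served over plain HTTP, the fields in the POST body can be read in the proxy without any certificate setup.

  1. Open Fiddler, then open the login page http://47.100.175.62:3000/signin in the browser.
  2. Enter the username and password on the login page and click Log in.
  3. In Fiddler, search for the request to http://47.100.175.62:3000/signin.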

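Mini program capture in practice

Before capturing, configure the HTTPS certificate, because mini programs use HTTPS for all of their requests.

Installing the certificate

In the HTTPS settings, choose to capture HTTPS requests.
Install and trust the root certificate.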

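Capturing a mini program on the PC

  1. Open the Ele mini program from the desktop WeChat client.

New-user recommendation request:
POST https://restapi.ele.me/alpaca/v1/recommend/supportor?latitude=31.22114&longitude=121.54409
The server returns the result.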


Using filters

By default, Fiddler intercepts every network request during a capture, which adds a lot of noise. A filter removes the requests we do not need.

Capturing requests from the Ele.me mini program

Analysing all the captured requests identifies the process the mini program runs in.

Configuring the filter

Open the Filter feature.
Turn the Filter feature on.
Select the process whose traffic you want to capture.

Apply the filter:
choose [Run Filterset now].

Every request now listed is an Ele.me request.

Fiddler certificate problems

Download the Fiddler certificate generator (fiddlercertmaker.zip), double-click it to install, then restart Fiddler.
Then reset the HTTPS certificates in Fiddler.

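E-commerce mini program capture

The corresponding API documentation

  1. Use a capture to find the add-to-cart API in the mini program.
    a. Add a Fiddler filter.
    b. Open a product and go to the add-to-cart page.
    c. Click Confirm and look at the request that Fiddler captured.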

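Debugging with before-request breakpoints

Task: change the quantity that is added to the cart.
By default, only two of a product can be added to the cart.

  1. Navigate to the add-to-cart page and get ready to capture.

  2. In Fiddler, open [Rules] > [Automatic Breakpoints] > [Before Requests].

A before-request breakpoint lets you modify the data in the request.

  3. Add the item to the cart in the page. When Fiddler intercepts the request, modify the data, then click [Run to Completion].

When the test is finished, turn the breakpoint off.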

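Summary

A before-request breakpoint is mainly used to verify whether the back end performs a second, server-side validation of the data the front end sends. Modifying the request data tests the feature, for example the add-to-cart limit and the purchase quantity.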

After-response breakpoints

  1. Select and enable After Responses.

Find the corresponding price and modify it.
After the modification succeeds, the changed data appears in the page.

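Summary

A before-request breakpoint modifies the data in the request.
An after-response breakpoint modifies the content the server returned. It only affects the data in the client you are using and does not affect the data inside the server.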
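
The control that both breakpoint tests probe for, server-side re-validation, shown as an added example (not code from this article or from the mini program's back end): the check re-validates quantity against server state and always takes the price from the server's own catalog. The catalog, SKU ids, request field names and status codes are assumptions made for illustration.

```javascript
// Added example: server-side re-validation of an add-to-cart request.
// CATALOG, the SKU ids and the field names (skuId, quantity, price) are
// assumptions for this sketch, not values taken from the article.
const CATALOG = new Map([
  ["sku-1001", { priceCents: 1200, maxPerUser: 2 }], // constructed sample data
  ["sku-1002", { priceCents: 4990, maxPerUser: 2 }],
]);

// Validate one cart line exactly as the client sent it. Every field a proxy
// can edit in transit (quantity, price) is treated as untrusted input.
function validateCartLine(body, alreadyInCart = 0) {
  const item = CATALOG.get(String(body.skuId));
  if (!item) return { ok: false, status: 404, error: "unknown sku" };

  const qty = body.quantity;
  // Reject strings, fractions, NaN, zero, negatives and oversized values.
  if (!Number.isSafeInteger(qty) || qty < 1) {
    return { ok: false, status: 400, error: "invalid quantity" };
  }
  // The limit is enforced against server state, not against what the UI allowed.
  if (alreadyInCart + qty > item.maxPerUser) {
    return { ok: false, status: 422, error: "quantity limit exceeded" };
  }
  // A client-supplied price is never used for the total; a mismatch is only
  // recorded so that tampering attempts can be logged and reviewed.
  const mismatch = body.price !== undefined && body.price !== item.priceCents;
  return {
    ok: true,
    status: 200,
    skuId: String(body.skuId),
    quantity: qty,
    totalCents: item.priceCents * qty, // computed from the server catalog only
    clientPriceMismatch: mismatch,
  };
}
```

With this check in place, a quantity edited at a before-request breakpoint is rejected, and a price edited at an after-response breakpoint changes only what the client displays.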