banner
lca

lca

真正的不自由,是在自己的心中设下牢笼。

How to capture HTTP requests from WeChat mini programs and official accounts on Mac.

To reproduce the vulnerability report of several WeChat mini-programs, I have recorded how to capture the requests of mini-programs using a Mac.

Tools:

  • Mac
  • Latest version of WeChat
  • Proxifier
  • Yakit

Open Proxifier and set up the proxy.

  1. Set up the proxy server.

Proxy Server

Add port 8083 for Yakit to listen to.

Yakit Port

  1. Set up the proxy rules.

Proxy Rules

Proxy Rules 2

Click the plus sign, press command + shift + G, enter /Applications/WeChat.app/Contents/MacOS/WeChatAppEx.app/Contents/Frameworks/WeChatAppEx Framework.framework/Versions/C/Helpers.

Note: Follow the above steps for the latest version of WeChat.

WeChat Helper

Select "WeChatAppEx Helper.app".

Select Helper

After selecting, choose the proxy server set up in the first step.

Select Proxy Server

Select Proxy Server 2

  1. Start capturing packets.

After setting up, open Yakit to listen, then launch the mini-program and start capturing packets normally.

Start Capturing

Capturing Packets

Loading...
Ownership of this post data is guaranteed by blockchain and smart contracts to the creator alone.