【发布时间】:2023-11-20 14:38:01
【问题描述】:
有人在捕捉 snapchat 流量时发现了这个问题吗?
Fiddler 成功捕获了通过应用程序(ios、android)从其他站点获取的每个 https 数据,但一些应用程序(appstore、snapchat)仅显示该请求:
CONNECT app.snapchat.com:443 HTTP/1.1
Host: app.snapchat.com
User-Agent: Snapchat/10.8.1.0 (iPhone8,1; iOS 10.2.1; gzip)
Connection: keep-alive
Connection: keep-alive
A SSLv3-compatible ClientHello handshake was found. Fiddler extracted the parameters below.
Version: 3.3 (TLS/1.2)
Random: 59 23 9E E1 1C 23 49 F1 A1 21 6E 60 C5 94 AB E2 9F 09 10 C3 E0 C3 99 9B 78 9B 97 1F 74 69 5F 1C
"Time": 2089.12.12. 15:48:57
SessionID: empty
Extensions:
server_name app.snapchat.com
elliptic_curves secp256r1 [0x17], secp384r1 [0x18], secp521r1 [0x19]
ec_point_formats uncompressed [0x0]
signature_algs sha256_rsa, sha1_rsa, sha384_rsa, sha512_rsa, sha256_ecdsa, sha1_ecdsa, sha384_ecdsa, sha512_ecdsa
NextProtocolNego empty
ALPN http/1.1, http/1.0
status_request OCSP - Implicit Responder
SignedCertTimestamp (RFC6962) empty
extended_master_secret empty
Ciphers:
[00FF] TLS_EMPTY_RENEGOTIATION_INFO_SCSV
[C02C] TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
[C02B] TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
[C024] TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
[C023] TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
[C00A] TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
[C009] TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
[C030] TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
[C02F] TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
[C028] TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
[C027] TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
[C014] TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA
[C013] TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA
Compression:
[00] NO_COMPRESSION
畅通无阻的工作怎么办?
进一步扩展此问题,提琴手(或其他拦截器)无法捕获所有 https 数据,但他们的 Connect 握手的原因是什么?
【问题讨论】:
标签: https fiddler packet-capture packet-sniffers snapchat