How to monitor iPhone's HTTP traffic
I often wonder how my iPhone apps communicate with their servers. I had a debate with my ex-coworker about the security of app communication. He thinks we can use plain HTTP for app communication, including authentication. But I insist that we should use a more secure way to transmit data in apps.
Let me use an example to demonstrate how little an app protects the content and how easy it is to monitor the traffic of an iPhone app.
Following Apple's document on remote packet capture (see Reference), I chose tcpdump and use the 7-11 Taiwan app as an example.
This app provides a coupon for Starbucks. I want to get the content of this coupon.
1. Connect Device
- Connect your iPhone to your Mac via USB.
2. Remote Control
- Use rvictl to connect to your device via its UUID (20 characters, you can find it in iTunes or the Organizer in Xcode)
> rvictl -s UUID
3. Check whether your device is activated
> rvictl -l
4. Start monitoring
Simplest way
sudo tcpdump -n -t -i rvi0 -q -A tcp
Including request and response headers and message body
sudo tcpdump -t -i rvi0 -A -s 0 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)'
GET Only
sudo tcpdump -t -i rvi0 -s 0 -A 'tcp[((tcp[12:1] & 0xf0) >> 2):4] = 0x47455420'
POST Only
sudo tcpdump -t -i rvi0 -s 0 -A 'tcp dst port 80 and (tcp[((tcp[12:1] & 0xf0) >> 2):4] = 0x504f5354)'
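What the byte arithmetic in these three filters computes, as an added example that is not part of the original post: the same expressions are evaluated in Python over constructed IPv4/TCP packets. The ports, the documentation-range addresses and the helper names are assumptions made for the illustration.

```python
import struct

# Magic numbers from the filters above: the first four bytes of the TCP payload.
HTTP_GET = 0x47455420    # ASCII "GET "
HTTP_POST = 0x504F5354   # ASCII "POST"

def build_packet(payload: bytes, tcp_options: bytes = b"") -> bytes:
    """Constructed IPv4+TCP packet for offline testing (checksums left at 0)."""
    data_offset = (20 + len(tcp_options)) // 4   # TCP header length in 32-bit words
    tcp = struct.pack("!HHIIBBHHH", 61956, 80, 1, 1,
                      data_offset << 4, 0x18, 65535, 0, 0) + tcp_options
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp) + len(payload),
                     0, 0, 64, 6, 0, bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
    return ip + tcp + payload

def split_headers(pkt: bytes):
    """Return (IP header length, TCP segment), i.e. (ip[0]&0xf)<<2 and tcp[...]."""
    ip_hdr_len = (pkt[0] & 0x0F) << 2            # IHL nibble counts 32-bit words
    return ip_hdr_len, pkt[ip_hdr_len:]

def payload_length(pkt: bytes) -> int:
    """(ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)"""
    ip_hdr_len, tcp = split_headers(pkt)
    total_len = int.from_bytes(pkt[2:4], "big")  # ip[2:2]: IP total length field
    tcp_hdr_len = (tcp[12] & 0xF0) >> 2          # data-offset nibble * 4 bytes
    return total_len - ip_hdr_len - tcp_hdr_len

def first_payload_word(pkt: bytes):
    """tcp[((tcp[12:1] & 0xf0) >> 2):4]; None when fewer than 4 payload bytes."""
    _, tcp = split_headers(pkt)
    start = (tcp[12] & 0xF0) >> 2                # payload begins after TCP options
    word = tcp[start:start + 4]
    return int.from_bytes(word, "big") if len(word) == 4 else None

def classify(pkt: bytes) -> str:
    if payload_length(pkt) == 0:
        return "no-payload"                      # bare ACK/SYN, dropped by "!= 0"
    return {HTTP_GET: "GET", HTTP_POST: "POST"}.get(first_payload_word(pkt), "other-data")

if __name__ == "__main__":
    timestamps = b"\x01\x01\x08\x0a" + bytes(8)  # NOP, NOP, TCP timestamp option
    for body in (b"GET /index.html HTTP/1.1\r\n\r\n", b"POST /login HTTP/1.1\r\n\r\n", b""):
        print(classify(build_packet(body, timestamps)))
```

Because the payload offset is read from the TCP data-offset field, the match still lands on the first payload bytes when TCP options are present.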
Result
The result will be like this
IP XXXXXXXX.61956 > static-ip-38-69-56-61.rev.dyxnet.com.http
Wow ~ http://event.e21magicmedia.com.tw/Starbucks/act_ns/2013_chrismas/index.html
Now you can get the Christmas discount (buy 1 get 1 free) without downloading the app.
Then you can use Chrome Developer Tools to inspect the image.
Wrap Up
Don't rely on a simple web view to protect your content. HTTPS and session-based authentication could be a better solution.
This article is for educational use only. All rights to the images belong to the original company.
Reference:
Can I use tcpdump to get HTTP requests, response header and response body?
Remote Packet Capture for iOS Devices