How to capture HTTP requests from WeChat mini programs and official accounts on Mac.

Oct 30, 2023#工具 #yakit420

AI Translation

This post is translated from Chinese into English through AI.View Original

AI-generated summary

To reproduce the vulnerabilities of several WeChat mini programs, this guide explains how to capture requests using a Mac. The necessary tools are a Mac, the latest version of WeChat, Proxifier, and yakit. The steps involve setting up a proxy server, configuring proxy rules, selecting the WeChatAppEx Helper app, and starting packet capture with yakit.

To reproduce the vulnerability report of several WeChat mini programs, I have recorded how to capture the requests of mini programs using a Mac.

Tools:

Mac
Latest version of WeChat
Proxifier
Yakit

Open Proxifier and set up the proxy.

Set up the proxy server.

Add port 8083 for Yakit to listen to.

Set up the proxy rules.

Click the "+" button, press "command + shift + G", enter "/Applications/WeChat.app/Contents/MacOS/WeChatAppEx.app/Contents/Frameworks/WeChatAppEx Framework.framework/Versions/C/Helpers".

Note: For the latest version of WeChat, follow the above steps.

Select "WeChatAppEx Helper.app".

After selecting, choose the proxy server set up in the first step.

Start capturing packets.

After setting up, open Yakit to listen and then launch the mini program to start capturing packets normally.