To reproduce the vulnerability report of several WeChat mini programs, I have recorded how to capture the requests of mini programs using a Mac.
Tools:
- Mac
- Latest version of WeChat
- Proxifier
- Yakit
Open Proxifier and set up the proxy.
- Set up the proxy server.
Add port 8083 for Yakit to listen to.
- Set up the proxy rules.
Click the "+" button, press "command + shift + G", enter "/Applications/WeChat.app/Contents/MacOS/WeChatAppEx.app/Contents/Frameworks/WeChatAppEx Framework.framework/Versions/C/Helpers".
Note: For the latest version of WeChat, follow the above steps.
Select "WeChatAppEx Helper.app".
After selecting, choose the proxy server set up in the first step.
- Start capturing packets.
After setting up, open Yakit to listen and then launch the mini program to start capturing packets normally.