Setting Up Charles Proxy on MacOS
This is a brief overview on how to setup Charles Proxy on MacOS to sniff traffic on an iPhone.
This tutorial assumes you have a host– a computer, and a client — in this case, a mobile device connected to the same network.
To be able to sniff the data, you need to install a copy of Charles Proxy (free trial) on the host.
Next, find out what your host’s connected IP address is. You can get this information by going to System Preferences > Network
Open up your client and configure your HTTP proxy settings to point to your host’s connected IP address and the default Charles port 8888. Do this by going to Settings > WiFi and tapping on the (i) next to your currently connected WiFi.
At this point, if Charles is recording, you’ll probably see a flurry of traffic from both your host and your client. All of this traffic is encrypted with SSL, which makes it useless to us and looks like this:
For us to be able to view the client’s traffic, we need to install the Charles SSL certificate on the client. To do this go to chls.pro/ssl on the client and install the certificate on the device. You may need to go into Settings to finish installation.
Note that on iOS 10 and later you must then go into Settings > General > About > Certificate Trust Settings and enable the Charles certificate to be trusted.
Next, in Charles (on the host), go to Proxy menu header > SSL Proxying Settings. Click Add and put a * in the Host and Port fields.
And you’re done! You should be able to see the traffic from your client on Charles. Click on a request and you can see the query, headers, body and response for each request that your host and client make in plain text.
You can now see every request your machine is making and receiving from the outside world!
