WebSocket

How to capture and decrypt Websocket (WS/WSS) from iOS devices / simulators with Proxyman. Works with Google Chrome Web Browser or websocket from NodeJS, Python, Golang Backend Server

PreviousProtobuf NextClear Session

Last updated 1 month ago

WebSocket

How to capture and decrypt Websocket (WS/WSS) from iOS devices / simulators with Proxyman. Works with Google Chrome Web Browser or websocket from NodeJS, Python, Golang Backend Server

1. What's it?

Proxyman could capture WebSocket (WS) and Secure WebSocket (WSS) traffic and easily preview it.

Capture WS/WSS from iOS Physical devices and iOS Simulator (Required )
Capture WS/WSS from Web Browser and Mac applications.
Capture WS/WSS from Android Physical devices or Android Emulators.
Prettier WebSocket Message.
Filter All / Sent / Received messages.
See the content in JSON / Tree Preview / HEX format.
Customize Columns: Frame, Length, Data, Time, ...
Auto-decode Binary Message to JSON if possible
Open WebSocket messages by external Editors, such as Sublime, VSCode

2. Capture WS/WSS from iOS

If your iOS app is using URLSessionWebSocketTask or iOS WebSocket libraries, e.g. Starscream, SocketRocket, etc. Proxyman might not be able to capture WS/WSS traffic.

Reason: Apple's intention. URLSessionWebSocketTask doesn't respect the System HTTP Proxy. All WS/WSS traffic goes directly to the Internet. Thus, Proxyman or Charles Proxy can't capture it.
Example Ap:

✅ Solution 1 (Recommended for iOS 17 or later)

Proxyman Setup: Tools > Proxy Settings > SOCKS Proxy settings -> Enable it (Take note of the port)
On the main Proxyman app -> Take note of a current IP in the Proxyman Tools bar

On your app: Configure a SOCK Proxy in your App, make sure this is only available for debug builds by implementing a switch or something, you might not want your release build with this configuration.

For NWConnection

let parameters = webSocketURL.scheme == "wss" ? NWParameters.tls : NWParameters.tcp

let options = NWProtocolWebSocket.Options()
options.autoReplyPing = true

parameters.defaultProtocolStack.applicationProtocols.insert(options, at: 0)

if #available(iOS 17.0, *) {
    let socksv5Proxy = NWEndpoint.hostPort(host: "x.x.x.x", port: 8889) //  Please x.x.x.x with a real Proxyman IP
    let config = ProxyConfiguration.init(socksv5Proxy: socksv5Proxy)
    let context = NWParameters.PrivacyContext(description: "my socksv5Proxy")
    context.proxyConfigurations = [config]

    parameters.setPrivacyContext(context)
}

let connection = NWConnection(to: .url(webSocketURL), using: parameters)
connection.start(queue: .main)

For URLSession and URLSessionWebSocketTask

private lazy var urlSession: URLSession = {
    let config = URLSessionConfiguration.default
    if #available(iOS 17.0, *) {
        let socksv5Proxy = NWEndpoint.hostPort(host: "x.x.x.x", port: 8889) //  Please x.x.x.x with a real Proxyman IP
        let proxyConfig = ProxyConfiguration.init(socksv5Proxy: socksv5Proxy)
        config.proxyConfigurations = [proxyConfig]
    }

    return URLSession(configuration: config, delegate: nil, delegateQueue: nil)
}()

Done ✅

✅ Solution 2

3. Capture WebSockets from your Web Browser (Chrome, Safari, etc)

Proxyman can capture WS/WSS from a Web Browser out of the box. No need to configure anything.
How to use: Open Google Chrome -> Visit your website that makes a WS/WSS connection -> Open Proxyman -> Find your websocket domains -> On the Response Panel -> Click Enable SSL Proxying on these domains. Open your Browser, and reload your website -> Proxyman will capture and decrypt WS/WSS ✅

4. Capture Websocket from NodeJS, Golang, Python Server

Proxyman can capture WS/WSS from your NodeJS, Golang, Python, and Ruby server.
How to use: Read Automatic Setup to start your server on this Terminal -> Make a WS/WSS connection -> Proxyman automatically captures and decyrpts it ✅

5. Map Websocket from Localhost <-> Production

PreviousProtobuf NextClear Session

Last updated 1 month ago