This is a migrated thread and some comments may be shown as answers.

Cannot See HTTPS Traffic - iOS

0 Answers 357 Views

Mobile

This is a migrated thread and some comments may be shown as answers.

Cynthia asked on 15 Dec 2016, 12:37 PM

Hello,

I'm trying to capture remote traffic of an iOS App but unlike other Apps this one gives a problem.

When i use the app with "Decrypt HTTPS Traffic" enabled, the app simply says "Network Unavailable". I tried using both the root certs (MakeCert and CertEnroll) but still i have the issue.

But i have tried various other apps and they never had an issue like this.

Protocols - <client>;ssl3;tls1.0

CONNECT openapi.starbucks.com:443 HTTP/1.1

Host: openapi.starbucks.com

User-Agent: Starbucks/8540 (iPhone; iOS 10.1.1; Scale/2.00)

Connection: keep-alive

A SSLv3-compatible ClientHello handshake was found. Fiddler extracted the parameters below.

Version: 3.3 (TLS/1.2)

Random: 58 52 8C D0 24 D8 EA E5 7E B2 88 14 60 CF 8E DC 50 83 B5 FE 4A 4E D6 A1 AC 3C F5 29 4B C9 8E 76

"Time": 11/15/2080 6:14:08 AM

SessionID: empty

Extensions:

server_name openapi.starbucks.com

elliptic_curves secp256r1 [0x17], secp384r1 [0x18], secp521r1 [0x19]

ec_point_formats uncompressed [0x0]

signature_algs sha256_rsa, sha1_rsa, sha384_rsa, sha512_rsa, sha256_ecdsa, sha1_ecdsa, sha384_ecdsa, sha512_ecdsa

NextProtocolNego empty

ALPN http/1.1, http/1.0

status_request OCSP - Implicit Responder

SignedCertTimestamp (RFC6962) empty

extended_master_secret empty

Ciphers:

[00FF] TLS_EMPTY_RENEGOTIATION_INFO_SCSV

[C02C] TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384

[C02B] TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

[C024] TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384

[C023] TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256

[C00A] TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA

[C009] TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA

[C008] TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA

[C030] TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

[C02F] TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

[C028] TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384

[C027] TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

[C014] TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA

[C013] TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA

[C012] TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA

[009D] TLS_RSA_WITH_AES_256_GCM_SHA384

[009C] TLS_RSA_WITH_AES_128_GCM_SHA256

[003D] TLS_RSA_WITH_AES_256_CBC_SHA256

[003C] TLS_RSA_WITH_AES_128_CBC_SHA256

[0035] TLS_RSA_AES_256_SHA

[002F] TLS_RSA_AES_128_SHA

[000A] SSL_RSA_WITH_3DES_EDE_SHA

Compression:

[00] NO_COMPRESSION

HTTP/1.1 200 Connection Established

FiddlerGateway: Direct

StartTime: 18:00:08.035

Connection: close

Encrypted HTTPS traffic flows through this CONNECT tunnel. HTTPS Decryption is enabled in Fiddler, so decrypted sessions running in this tunnel will be shown in the Web Sessions list.

Secure Protocol: Tls12

Cipher: Aes128 128bits

Hash Algorithm: Sha256 ?bits

Key Exchange: ECDHE_RSA (0xae06) 256bits

== Server Certificate ==========

[Subject]

CN=openapi.starbucks.com, OU=IT, O=Starbucks Coffee Company, L=Seattle, S=Washington, C=US

[Issuer]

CN=Symantec Class 3 Secure Server CA - G4, OU=Symantec Trust Network, O=Symantec Corporation, C=US

[Serial Number]

40626739BADBE66F920DB2A9B690F2C2

[Not Before]

3/25/2016 5:30:00 AM

[Not After]

3/27/2017 5:29:59 AM

[Thumbprint]

1A46FFA5F683FB8DDF82D800B70246614A24F002

[SubjectAltNames]

openapi.starbucks.com

Cannot See HTTPS Traffic - iOS

No answers yet. Maybe you can help?