Cannot See HTTPS Traffic - iOS

1 posts, 0 answers
  1. Cynthia
    Cynthia avatar
    1 posts
    Member since:
    Dec 2016

    Posted 15 Dec 2016 Link to this post

    Hello,

    I'm trying to capture remote traffic of an iOS App but unlike other Apps this one gives a problem.

    When i use the app with "Decrypt HTTPS Traffic" enabled, the app simply says "Network Unavailable". I tried using both the root certs (MakeCert and CertEnroll) but still i have the issue.

    But i have tried various other apps and they never had an issue like this.

    Protocols - <client>;ssl3;tls1.0

    CONNECT openapi.starbucks.com:443 HTTP/1.1
    Host: openapi.starbucks.com
    User-Agent: Starbucks/8540 (iPhone; iOS 10.1.1; Scale/2.00)
    Connection: keep-alive
    Connection: keep-alive
     
    A SSLv3-compatible ClientHello handshake was found. Fiddler extracted the parameters below.
     
    Version: 3.3 (TLS/1.2)
    Random: 58 52 8C D0 24 D8 EA E5 7E B2 88 14 60 CF 8E DC 50 83 B5 FE 4A 4E D6 A1 AC 3C F5 29 4B C9 8E 76
    "Time": 11/15/2080 6:14:08 AM
    SessionID: empty
    Extensions:
        server_name openapi.starbucks.com
        elliptic_curves secp256r1 [0x17], secp384r1 [0x18], secp521r1 [0x19]
        ec_point_formats    uncompressed [0x0]
        signature_algs  sha256_rsa, sha1_rsa, sha384_rsa, sha512_rsa, sha256_ecdsa, sha1_ecdsa, sha384_ecdsa, sha512_ecdsa
        NextProtocolNego    empty
        ALPN        http/1.1, http/1.0
        status_request  OCSP - Implicit Responder
        SignedCertTimestamp (RFC6962)   empty
        extended_master_secret  empty
    Ciphers:
        [00FF]  TLS_EMPTY_RENEGOTIATION_INFO_SCSV
        [C02C]  TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
        [C02B]  TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
        [C024]  TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
        [C023]  TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
        [C00A]  TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
        [C009]  TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
        [C008]  TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
        [C030]  TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
        [C02F]  TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
        [C028]  TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
        [C027]  TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
        [C014]  TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA
        [C013]  TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA
        [C012]  TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
        [009D]  TLS_RSA_WITH_AES_256_GCM_SHA384
        [009C]  TLS_RSA_WITH_AES_128_GCM_SHA256
        [003D]  TLS_RSA_WITH_AES_256_CBC_SHA256
        [003C]  TLS_RSA_WITH_AES_128_CBC_SHA256
        [0035]  TLS_RSA_AES_256_SHA
        [002F]  TLS_RSA_AES_128_SHA
        [000A]  SSL_RSA_WITH_3DES_EDE_SHA
     
    Compression:
        [00]    NO_COMPRESSION
     
     
     
    HTTP/1.1 200 Connection Established
    FiddlerGateway: Direct
    StartTime: 18:00:08.035
    Connection: close
     
    Encrypted HTTPS traffic flows through this CONNECT tunnel. HTTPS Decryption is enabled in Fiddler, so decrypted sessions running in this tunnel will be shown in the Web Sessions list.
     
    Secure Protocol: Tls12
    Cipher: Aes128 128bits
    Hash Algorithm: Sha256 ?bits
    Key Exchange: ECDHE_RSA (0xae06) 256bits
     
    == Server Certificate ==========
    [Subject]
      CN=openapi.starbucks.com, OU=IT, O=Starbucks Coffee Company, L=Seattle, S=Washington, C=US
     
    [Issuer]
      CN=Symantec Class 3 Secure Server CA - G4, OU=Symantec Trust Network, O=Symantec Corporation, C=US
     
    [Serial Number]
      40626739BADBE66F920DB2A9B690F2C2
     
    [Not Before]
      3/25/2016 5:30:00 AM
     
    [Not After]
      3/27/2017 5:29:59 AM
     
    [Thumbprint]
      1A46FFA5F683FB8DDF82D800B70246614A24F002
     
    [SubjectAltNames]
    openapi.starbucks.com

     

Back to Top