下载安装

https://telerik-fiddler.s3.amazonaws.com/fiddler/FiddlerSetup.exe

Fiddler设置

查电脑ip
开始菜单输入cmd打开命令行，在里面输入ipconfig | findstr "IPv4"就可以看到电脑局域网ip
我的ip是10.13.0.6

手机设置
长按wifi，选择高级、代理为手动、填写电脑ip、端口8888。

安装证书
安装证书才可以抓到https的数据包。打开手机浏览器，输入证书网址ip+port
比如我的是 10.13.0.6:8888打开证书界面，FiddlerRoot certificate安装证书。

证书网页打不开
如果在手机浏览器上打不开证书网址 ，输入ip+port比如我的是 10.13.0.6:8888打不开怎么办不要急，先在电脑浏览器上打开证书网址。如果打不开的话，请检查你Fiddler版本和Fiddler设置。如果电脑可以正常打开证书网址，而手机打不开，那就设置下防火墙。还有一次情况是这样的、手机上就是打不开、当时是手机升级版本了、也不知道怎么处理、但是手机浏览器一直开着在尝试打开10.13.0.6:8888、过了大概五分钟自动打开了。

开始→控制面板→Windows 防火墙→允许程序→勾上Fiddler就可以了

捕获不到app的网络请求
targetSdkVersion 28 后android 9.0手机抓不到包。手机已经做出上述设置了、然后可以成功捕获手机chrome浏览器发出的网络请求、但是自己写的app的网络请求捕捉不到，最后排查发现是 targetSdkVersion 28 抓不到包。targetSdkVersion 28 会导致Cleartext HTTP traffic to not permitted 错误。解决方案有很多，比如在AndroidManifest.xml配置文件的标签中直接插入

android:usesCleartextTraffic="true" 

Android 禁止代理抓包
https://blog.csdn.net/chenhuakang/article/details/

 / * Same as {@link #openConnection()}, except that the connection will be * made through the specified proxy; Protocol handlers that do not * support proxing will ignore the proxy parameter and make a * normal connection. * * Invoking this method preempts the system's default ProxySelector * settings. * * @param proxy the Proxy through which this connection * will be made. If direct connection is desired, * Proxy.NO_PROXY should be specified. * @return a <code>URLConnection</code> to the URL. * @exception IOException if an I/O exception occurs. * @exception SecurityException if a security manager is present * and the caller doesn't have permission to connect * to the proxy. * @exception IllegalArgumentException will be thrown if proxy is null, * or proxy has the wrong type * @exception UnsupportedOperationException if the subclass that * implements the protocol handler doesn't support * this method. * @see java.net.URL#URL(java.lang.String, java.lang.String, * int, java.lang.String) * @see java.net.URLConnection * @see java.net.URLStreamHandler#openConnection(java.net.URL, * java.net.Proxy) * @since 1.5 */ public URLConnection openConnection(Proxy proxy) throws java.io.IOException { if (proxy == null) { throw new IllegalArgumentException("proxy can not be null"); } // Create a copy of Proxy as a security measure Proxy p = proxy == Proxy.NO_PROXY ? Proxy.NO_PROXY : sun.net.ApplicationProxy.create(proxy); SecurityManager sm = System.getSecurityManager(); if (p.type() != Proxy.Type.DIRECT && sm != null) { InetSocketAddress epoint = (InetSocketAddress) p.address(); if (epoint.isUnresolved()) sm.checkConnect(epoint.getHostName(), epoint.getPort()); else sm.checkConnect(epoint.getAddress().getHostAddress(), epoint.getPort()); } return handler.openConnection(this, p); } 

抓包https
如果抓不到https包，请增加如下配置
src/main/res/xml/network_security_config.xml
内容如下

<?xml version="1.0" encoding="utf-8"?> <network-security-config> <base-config cleartextTrafficPermitted="true"> <trust-anchors> <certificates src="system" /> </trust-anchors> </base-config> <!-- https://www.charlesproxy.com/documentation/using-charles/ssl-certificates/--> <debug-overrides> <trust-anchors> <!-- Trust user added CAs while debuggable only --> <certificates src="user" /> </trust-anchors> </debug-overrides> </network-security-config> 

然后在application中引用

<application android:networkSecurityConfig="@xml/network_security_config" >