Technology Blog

Partners

WhichIsBest

Ads

ads
WhichIsBest

Monday, April 7, 2014

How to edit requests and responses, hack, test and tamper with data to websites from browser using Charles web debugging proxy?

Though browsers are very comfortable, ever wondered what’s going on underneath it?
What is it sending and receiving when we visit a webpage?
Can I change it manually? What happens if I try to comment 100 times the same thing?
Wanna hack that Facebook game, or play around with request, response or headers?



Get introduced to Charles - Web debugging proxy Application.

Get it from here and install it.
Open the application & this is how it looks.


Note the two enabled buttons
1.    Record - Starts recording all requests and responses from your PC (only browser traffic)
2.    Breakpoint – Enables you to pause a request for viewing, editing before sending to the web server.

Now open a browser and goto your favourite website.
For beginners, I am opening dictionary.com and searching for the word “hello”
Now go to Charles and you should see something like this.

Select the website you want to see and you can see a lot of information on the right side.
Note the search string “hello” in there.
Play around with the tabs and you see things such as, what request is sent, what response is received, in how much time, etc


In the bottom also you can find a few tabs to see various formats of data. 


QueryString shows you the url parameters sent, Raw is the format in which the browser sends the actual data, Headers are meta data of your browser, OS etc.

Ok now that we can see a soup of data, how to edit them?
We have the breakpoint for that, if you're a programmer, you'd have heard your teacher say 'use breakpoints in debugging the code'. (
a web developer? you might have heard firebug). This is the same, but better.
 

Right click on the website name and select breakpoint.


Now interactions with this website are under your control!!
Let’s try searching again for “hello world” now.
Immediately when I click search, the Charles window pops open.
This is the middle step of my request before being sent to the website, now I change the request to “hello world welcome!!” as shown and clicking execute. Charles now displays the response from the website. Clicking execute again, the browser blindly displays the result for edited search.


Check out the resulting web page
The actual search was just “hello world” but we interrupted in between to change it to “hello wold welcome!!”
This is just a tip of ice-berg on the uses and applications of Charles. Actually a lot could be done. I use it mostly to test my websites. It’s popularly used for hacking Facebook games.

You can try options like Repeat, Copy URL, Block cookies etc.

Check out the features of Charles listed in charlesproxy.com,

Please be noted this tutorial is for only educational purpose and be responsible, while we'll back with more posts on this wonderful tool. In case you've any doubt, please leave comments.

17 comments:

  1. The information that you have shared was really very useful and looks great to see and thanks for sharing the information with us.
    Web Design Company in Coimbatore | Best IT Company in Coimbatore

    ReplyDelete
  2. Boss can it freeze time and reedit the time, then sent to database....? is it permenent?

    ReplyDelete
  3. Good Post! Thank you so much for sharing this pretty post, it was so good to read and useful to improve my knowledge as updated one, keep blogging.
    Selenium Training in Bangalore | Selenium Training in Bangalore | Selenium Training in Bangalore | Selenium Training in Bangalore

    ReplyDelete
  4. I admit, I have not been on this web page in a long time... however it was another joy to see It is such an important topic and ignored by so many, even professionals. I thank you to help making people more aware of possible issues. blog comments

    ReplyDelete
  5. There are certainly a lot of details like that to take into consideration. That is a great point to bring up. I offer the thoughts above as general inspiration but clearly there are questions like the one you bring up where the most important thing will be working in honest good faith. I don?t know if best practices have emerged around things like that, but I am sure that your job is clearly identified as a fair game. Both boys and girls feel the impact of just a moment?s pleasure, for the rest of their lives.
    http://androidhackmodapk.com

    ReplyDelete
  6. Thank you for the link building list.I am going jot down this because it will help me a lot.Great blog! Please keep on posting such blog.

    private label website builder

    ReplyDelete
  7. Good Post! Thank you so much for sharing this pretty post, it was so good to read and useful to improve my knowledge as updated one, keep blogging.

    white label website builder

    ReplyDelete
  8. The information that you have shared was really very useful and looks great to see and thanks for sharing the information with us.
    website builder for reseller

    ReplyDelete
  9. Thanks for the great information , i was looking for this information from long.Great blog
    tally course in hyderabad

    ReplyDelete
  10. This information is amazing for web designers who want to collect the updated knowledge of web technology. continue to write this Awesome blog.
    PHP Training In Bangalore

    ReplyDelete
  11. Handsoff to the author. Really it is very useful to me. Thanks and keep sharing

    UI Development Training in Bangalore

    ReplyDelete
  12. Hmm, it seems like your site ate my first comment (it was extremely long) so I guess I’ll just sum it up what I had written and say, I’m thoroughly enjoying your blog. I as well as an aspiring blog writer, but I’m still new to the whole thing. Do you have any recommendations for newbie blog writers? I’d appreciate it.
    Advanced AWS Training in Bangalore | Best Amazon Web Services Training Institute in Bangalore
    Advanced AWS Training Institute in Pune | Best Amazon Web Services Training Institute in Pune
    Advanced AWS Online Training Institute in india | Best Online AWS Certification Course in india
    aws training in bangalore | best aws training in bangalore

    ReplyDelete
  13. Very nice post here and thanks for it .I always like and such a super contents of these post.Excellent and very cool idea and great content of different kinds of the valuable information's. 
    rpa training in bangalore
    rpa training in pune
    rpa online training
    best rpa training in bangalore

    ReplyDelete
  14. Nice post. By reading your blog, i get inspired and this provides some useful information. Thank you for posting this exclusive post for our vision. 
    Best Devops online Training
    Online DevOps Certification Course - Gangboard
    Best Devops Training institute in Chennai

    ReplyDelete
  15. Hi there I am so thrilled I found your website, I really found you by mistake, while I was browsing on Yahoo for something else, Anyhow I am here now and would just like to say thanks a lot for a tremendous post and an all-round exciting blog (I also love the theme/design), I don’t have time to go through it all at the minute but I have saved it and also added in your RSS feeds, so when I have time I will be back to read more, Please do keep up the awesome job.
    python Online training in chennai
    python Online training in bangalore
    python interview question and answers

    ReplyDelete

WhichIsBest
WhichIsBest