面试指南针,面试问题解答

在处理 Huibo Investment Research App 数据提取时,您如何识别关键接口和参数?请具体讲讲您使用 Charles 进行数据包捕获的步骤。

"Sure! The interviewer's question is about how I identified key interfaces and parameters during the data extraction from the Huibo Investment Research app, specifically asking for the steps I took using Charles for packet capture. Here’s how I approached it:

First, I utilized Charles to intercept the app's HTTP/HTTPS traffic. Next, I focused on capturing relevant requests while interacting with the app to see which data was being fetched. Then, I analyzed the captured requests for API endpoints and key parameters.

To summarize:

1. **Setup Charles Proxy**: I configured Charles to capture traffic from the app running on a rooted Android device, ensuring all app requests were routed through the Charles proxy.

2. **Capture Traffic**: I used the app normally and observed the requests being made. This helped me pinpoint which APIs were called when specific data was accessed.

3. **Analyze Parameters**: I examined the request headers and body for key parameters—especially those that were encrypted or obfuscated, as these would require further analysis.

4. **Locate Critical APIs**: By focusing on these parameters, I identified the main API endpoints essential for data extraction, including any encryption keys and signs.

This structured approach helped me efficiently gather the needed data while overcoming challenges related to encryption and parameter obfuscation."