charles 太封闭了,没给二次开发者预留一点操作的可能性,只有基于 Web Interface Settings 做一些简单的功能,逆向开发风险太高了,很有可能吃力不讨好。
Web Interface Settings
网上没有现成 api 文档,那就只能自己爬了:
import requests
from bs4 import BeautifulSoup
from urllib.parse import urljoin
from requests.auth import HTTPBasicAuth
# --- 配置 ---
AUTH = HTTPBasicAuth('tower', '123456')
PROXIES = {"http": "http://127.0.0.1:8888"}
BLACKLIST = ['enable', 'disable', 'start', 'stop', 'clear', 'quit', 'reset', 'export']
def simple_safe_crawl(url, visited=None):
if visited is None: visited = set()
if url in visited: return []
visited.add(url)
if any(word in url.lower() for word in BLACKLIST):
return [f"{url}"]
# 不在黑名单里,才执行访问
try:
# print(f"正在扫描目录: {url}")
resp = requests.get(url, auth=AUTH, proxies=PROXIES, timeout=3)
soup = BeautifulSoup(resp.text, 'html.parser')
all_found = []
for a in soup.find_all('a'):
href = a.get('href')
if not href or href.startswith('..'): continue
full_url = urljoin(url, href)
# 递归爬取
all_found.extend(simple_safe_crawl(full_url, visited))
return all_found
except:
return []
if __name__ == "__main__":
results = simple_safe_crawl("http://control.charles/")
print("\n--- 最终扫描结果 ---")
for r in sorted(list(set(results))):
print(r)接口如下:
http://control.charles/quit
http://control.charles/recording/start
http://control.charles/recording/stop
http://control.charles/session/clear
http://control.charles/session/export-csv
http://control.charles/session/export-har
http://control.charles/session/export-json
http://control.charles/session/export-trace
http://control.charles/session/export-xml
http://control.charles/tools/allow-list/disable
http://control.charles/tools/allow-list/enable
http://control.charles/tools/auto-save/disable
http://control.charles/tools/auto-save/enable
http://control.charles/tools/block-cookies/disable
http://control.charles/tools/block-cookies/enable
http://control.charles/tools/block-list/disable
http://control.charles/tools/block-list/enable
http://control.charles/tools/breakpoints/disable
http://control.charles/tools/breakpoints/enable
http://control.charles/tools/client-process/disable
http://control.charles/tools/client-process/enable
http://control.charles/tools/dns-spoofing/disable
http://control.charles/tools/dns-spoofing/enable
http://control.charles/tools/map-local/disable
http://control.charles/tools/map-local/enable
http://control.charles/tools/map-remote/disable
http://control.charles/tools/map-remote/enable
http://control.charles/tools/no-caching/disable
http://control.charles/tools/no-caching/enable
http://control.charles/tools/rewrite/disable
http://control.charles/tools/rewrite/enable
目前的需求是:
环境初始化与目标锁定
精准、快速地获取数据
动态篡改返回结果
弱网环境一键切换
紧急复位, 当调试结束,或者环境配置混乱时,让 AI 能够一键恢复 Charles 到纯净抓包状态。
