Charles Proxy: Debug your Android traffic

Charles is a great tool to debug all your network requests. I recently bumped into it while searching for a way to capture and debug my Android phone traffic. Charles is pretty easy and straightforward to get up and running. However, getting it to actually debug your app is a little tricky. This post will detail how to perform these tricks.

Download and install Charles on your machine by following the instructions here. Once installed and running you should see an interface like this. Making any requests through the browser should now show up in Charles. Perfect!

Charles proxy interface

Next, we need to capture the requests made from our phone. To do this, we need to route our android traffic through the Charles proxy. Ensure your Android device is connected to the same network as your desktop. Click on the Help option in the Menu bar and click on SSL proxying -> Install Charles root certificate on a Mobile Device or Remote Browser. You should now see a popup instructing you through the next steps.

Configure SSL certificate popup

On the mobile device long press on your active wifi connection and click modify. Configure a manual proxy in the advanced settings with the host and port given in the popup. Then go to chls.pro/ssl to download and install the ssl certificate. Following this step will let us debug HTTPS requests. Once this is done you should notice your mobile requests show up in Charles.

Configuring proxy for you WiFi connection

You will notice that the requests are not exactly readable. The notes will contain a message like this “SSL Proxying not enabled for this host: enable in Proxy Settings, SSL locations”. The reason this occurs is that Android has heightened its security measures for its apps since Android v7 which requires an app to explicitly state its trust for system installed certificates.

To get around this issue, we will alter the APK file to have it trust our installed certificates. To do this we will use apk-mitm. apk-mitm automatically patches our APK files to allow user-added certificates.

APK Pure portal to download the apk files

Download the APK file for your app from APKpure, and process it with apk-mitm. You can either install apk-mitm with its dependencies locally or just use Github codespaces and patch your .apk file there. Once you have the patched APK, install it in your phone using either adb or by just copying it and opening it on the device. After installing the APK, open the application and monitor the requests within Charles. You should now be able to view the requests and responses clearly.

Readable requests from the phone within Charles

You can copy a request as cURL by right-clicking on it and clicking Copy cURL request. You are now all set to debug your android apps.

If you liked this post and wish to read similar posts, please consider following me on Twitter.

Lezwon Castelino

Lezwon Castelino

Freelancer | Open Source Contributor | Ex- @PyTorchLightnin Core ⚡ | Solutions Hacker | 20+ Hackathons