IOS防止抓包

第一种思路是：如果我们能判断是否有代理，有代理那么就存在风险。

第二种思路：针对HTTPS 请求。我们判断证书的合法性。

#import

- (BOOL)getProxyStatus {

NSDictionary*proxySettings =  (__bridgeNSDictionary*)(CFNetworkCopySystemProxySettings());

NSArray*proxies = (__bridgeNSArray*)(CFNetworkCopyProxiesForURL((__bridgeCFURLRef_Nonnull)([NSURLURLWithString:@"http://www.baidu.com"]), (__bridgeCFDictionaryRef_Nonnull)(proxySettings)));

NSDictionary*settings = [proxiesobjectAtIndex:0];

    NSLog(@"host=%@", [settings objectForKey:(NSString *)kCFProxyHostNameKey]);

    NSLog(@"port=%@", [settings objectForKey:(NSString *)kCFProxyPortNumberKey]);

    NSLog(@"type=%@", [settings objectForKey:(NSString *)kCFProxyTypeKey]);

    if ([[settings objectForKey:(NSString *)kCFProxyTypeKey] isEqualToString:@"kCFProxyTypeNone"]){

//没有设置代理

        returnNO;

}else{

//设置代理了

        returnYES;

    }

}

- (id)fetchSSIDInfo {

    NSArray *ifs = (__bridge_transfer id)CNCopySupportedInterfaces();

    NSLog(@"Supported interfaces: %@", ifs);

idinfo =nil;

for(NSString*ifnaminifs) {

        info = (__bridge_transferid)CNCopyCurrentNetworkInfo((__bridgeCFStringRef)ifnam);

NSLog(@"代理是%@ => %@", ifnam, info);

if(info && [infocount]) {break; }

    }

    returninfo;

}

二、我们可以在请求配置中清空代理，让请求不走代理

我们通过hook到sessionWithConfiguration: 方法。然后清空代理

+ (void)load{

  Method method1 = class_getClassMethod([NSURLSession class],@selector(sessionWithConfiguration:));

  Method method2 = class_getClassMethod([NSURLSession class],@selector(px_sessionWithConfiguration:));

  method_exchangeImplementations(method1, method2);

  Methodmethod3 =class_getClassMethod([NSURLSessionclass],@selector(sessionWithConfiguration:delegate:delegateQueue:));

  Methodmethod4 =class_getClassMethod([NSURLSessionclass],@selector(px_sessionWithConfiguration:delegate:delegateQueue:));

  method_exchangeImplementations(method3, method4);

}

+ (NSURLSession*)px_sessionWithConfiguration:(NSURLSessionConfiguration*)configuration delegate:(nullable id)delegate delegateQueue:(nullable NSOperationQueue*)queue

{

      if(configuration) configuration.connectionProxyDictionary=@{};

  return [self px_sessionWithConfiguration:configuration delegate:delegate delegateQueue:queue];

}

+ (NSURLSession*)px_sessionWithConfiguration:(NSURLSessionConfiguration*)configuration

{

      if(configuration) configuration.connectionProxyDictionary=@{};

  return [self px_sessionWithConfiguration:configuration];

}