Comments (5)
I guess we have another game engine (LibGDX) here that, like Unity, comes with its own network stack. (https://libgdx.com/wiki/networking)
It is just not supported at this point in time.
from fritap.
On some Android devices the following code will return since SSL_get_fd returns -1

```typescript
Interceptor.attach(this.addresses["SSL_write"],
    {
        onEnter: function (args: any) {
            if (!ObjC.available) {
                this.fd = OpenSSL_BoringSSL.SSL_get_fd(args[0])
                if (this.fd < 0) {
                    // Early return: nothing is logged for this SSL_write call
                    return
                }
                var message = getPortsAndAddresses(this.fd as number, false, lib_addesses)
                message["ssl_session_id"] = OpenSSL_BoringSSL.getSslSessionId(args[0])
                message["function"] = "SSL_write"
                message["contentType"] = "datalog"
                // ... (excerpt ends here)
            }
        }
    })
```

I don't know if it is because of a lack of permission or some Android OEM quirks. The Google ssl_logger just ignores this so they can log traffic without IP/port.
from fritap.
Hi,

> On some Android devices the following code will return since SSL_get_fd returns -1
>
> ```typescript
> Interceptor.attach(this.addresses["SSL_write"],
>     {
>         onEnter: function (args: any) {
>             if (!ObjC.available) {
>                 this.fd = OpenSSL_BoringSSL.SSL_get_fd(args[0])
>                 if (this.fd < 0) {
>                     return
>                 }
>                 var message = getPortsAndAddresses(this.fd as number, false, lib_addesses)
>                 message["ssl_session_id"] = OpenSSL_BoringSSL.getSslSessionId(args[0])
>                 message["function"] = "SSL_write"
>                 message["contentType"] = "datalog"
>                 // ... (excerpt ends here)
>             }
>         }
>     })
> ```
>
> I don't know if it is because of a lack of permission or some Android OEM quirks. The Google ssl_logger just ignores this so they can log traffic without IP/port.

Originally, friTap was designed with live forensics in mind, aiming to preserve socket information for thorough analysis. We've since introduced a new feature, --enable_default_fd, which supplies default socket information when writing to the pcap file. This enhancement ensures that users have access to essential data, even when specific socket details are unavailable, thereby maintaining the utility and effectiveness of forensic investigations.
from fritap.
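The fallback described in the reply above, as an added example that is not friTap's code: when the descriptor from SSL_get_fd is unusable, the record is either dropped (the early return in the quoted hook) or written with placeholder endpoints. The function names, the `synthetic_endpoints` marker, the default address values and the sample calls are assumptions made for this illustration.

```javascript
// Added illustration, not friTap source. Names and default values are assumptions.

// Placeholder endpoints written when the real socket cannot be resolved.
const DEFAULT_ENDPOINTS = Object.freeze({
  ss_family: "AF_INET",
  src_addr: "127.0.0.1", src_port: 1234,
  dst_addr: "127.0.0.1", dst_port: 2345,
});

// fd: value returned by SSL_get_fd(); resolveFd: fd -> endpoint object (may throw).
// Returns the log message, or null when the record has to be dropped.
function buildWriteMessage(fd, sessionId, resolveFd, enableDefaultFd) {
  let endpoints = null;
  if (fd >= 0) {
    try { endpoints = resolveFd(fd); } catch (e) { endpoints = null; }
  }
  const synthetic = endpoints === null;
  if (synthetic) {
    if (!enableDefaultFd) return null;   // early return, as in the quoted hook
    endpoints = DEFAULT_ENDPOINTS;
  }
  return Object.assign({}, endpoints, {
    synthetic_endpoints: synthetic,      // lets an analyst filter placeholder flows
    ssl_session_id: sessionId,
    function: "SSL_write",
    contentType: "datalog",
  });
}

// Constructed sample: one call with a usable fd, one where SSL_get_fd gave -1.
const SAMPLE_CALLS = [
  { fd: 57, sessionId: "a1b2" },
  { fd: -1, sessionId: "c3d4" },
];
const SAMPLE_SOCKETS = {
  57: { ss_family: "AF_INET", src_addr: "10.0.2.15", src_port: 40112,
        dst_addr: "203.0.113.7", dst_port: 443 },
};
function lookupSample(fd) {
  if (!(fd in SAMPLE_SOCKETS)) throw new Error("unknown fd " + fd);
  return SAMPLE_SOCKETS[fd];
}

// Messages that would reach the capture file with the fallback off or on.
function capture(enableDefaultFd) {
  return SAMPLE_CALLS
    .map((c) => buildWriteMessage(c.fd, c.sessionId, lookupSample, enableDefaultFd))
    .filter((m) => m !== null);
}
```

With the fallback off, only the call with a resolvable descriptor is recorded; with it on, both are, and the placeholder flow stays distinguishable from real socket data.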
I am testing the app "Rucoy Online" for HTTP data upon character login. friTap spawns the app just fine, but it does not log any TLS traffic or keys relating to the login.
It does, however, log Firebase TLS keys when you first install the app, but these keys are unrelated to the actual game server connection. I assume the hooked functions correspond to this.
This app is on the Play Store, feel free to give it a try!
Can you retry it with the latest friTap version (1.1.0.5)? Also consider the following:
https://github.com/fkie-cad/friTap?tab=readme-ov-file#problems
from fritap.
Hello,
Thank you for the update. I tried using the new version of friTap on the same app, but now I am receiving these errors:
As you can see, I have run the command for both key logging and pcap traffic, with and without the --enable_default_fd flag for each case. Do you know what these errors mean?
The device I am using is a Genymotion emulated Google Nexus 4. If anyone can somehow successfully log the TLS keys/traffic for this app, help would be appreciated. Thanks!
from fritap.