Comments (6)
raphaelts3
commented on July 22, 2024
1
Not sure if it will help your case, but in my case where I just wanted to log ssl keys, I've just commented that line and moved on, it worked just fined π
from fritap.
dreyes15
commented on July 22, 2024
Yea I think I might do that, my initial goal was to use the -p flag just to sanity check the traffic that was being collected. The default might be to just return 0.0.0.0 if FriTap canβt get the ip?
from fritap.
raphaelts3
commented on July 22, 2024
Hm, good question I didn't end-up using anything besides ssl key logs, to then import the keys to wireshark and get the whole dumps from there.
Just to share a bit more of my setup, basically I'm using wireshark hooked into my cable ethernet and I'm sharing that same connection through wi-fi to my phones, that way all the traffic has to pass through wireshark and I can just see then with the keys I've exported using friTap.
from fritap.
dreyes15
commented on July 22, 2024
Gotcha, if you are using tcpdump on the phone, are you getting only app traffic Or are you getting everything and filtering the traffic from the app?
from fritap.
raphaelts3
commented on July 22, 2024
I'm getting everything, because I'm using wireshark directly on local network, so everything from my pc and phone are showing there, still on wireshark I then filter by hostname(from tls handshake) and from there IPs, that way I can mainly see what the app is sending.
I guess this approach is more tricky if you're not trying to see http/tls and/or you don't know what the app is using, anyways that's mainly how I'm operating right now, I hope it helps!
from fritap.
monkeywave
commented on July 22, 2024
Hi,
thx for reporting this issue. Currently we are working in order to solve this issue. Actually when friTap is unable to get the ip from a socket it won't capture its traffic.
For now you have either two possibilities. First is to ignore this and let friTap use default socket values:
fritap -m --enable_default_fd --spawn -p <pcap_name.pcap> <target package>
The recommend solution would be to run friTap in a full packet capture mode and extract the TLS keys doing it:
fritap -m -p log24.pcap --full_capture --spawn --keylog <keylog_name.log> <target package>
That way you keep the original socket information. You still need to filter this PCAP because it will capture any traffic from your target device and therefore will contain more information as your target app.
from fritap.
Related Issues (20)
- FriTap on Android 13 does not work? HOT 2
- Conscrypt hooking on Android 13 generates segfault HOT 3
- Overwrites existing Frida install HOT 1
- No packets captured HOT 3
- error after start importlib_resources HOT 2
- Error loading ProviderInstallerImpl HOT 4
- Flutter support HOT 1
- Cannot log the keys from an app on android device, Galaxy A54 5G HOT 5
- Should this handle packaged Chromium too? HOT 5
- Various unity apps don't work (Android) HOT 1
- ε ³δΊη³»η» HOT 3
- Issues with Nox emulator HOT 4
- remove empty .gitmodules file HOT 1
- Unable to log TLS keys or traffic with an android app HOT 7
- tcpdump starts twice on Android when app spawn and full capture are enabled HOT 1
- TLS keys and decrypted QUIC|HTTP/3 packets extraction with Cronet library HOT 5
- Allow startup script before logging
- Issue with friTap v1.1.0.5 - Error in hooking ProviderInstallerImpl HOT 4
- Python 3.12 not supported because of 'distutils' removal HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from fritap.