Security News
Weekly Downloads Now Available in npm Package Search Results
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
Utility for sniffing SSL/TLS encrypted traffic on a jailbroken iOS device.
CFNetwork.framework
contains a debug/verbosity global, enforcing a dump of every packet transferred through it, to be
logged into device syslog in plaintext form. In order to have a nicer view with clean control flow of this traffic, we
attach each such packet appropriate TCP flags and write it back into a PCAP file.
This allows us to later dissect this traffic using popular and convenient tools (e.g. Wireshark 🦈). Assuming you have a jailbroken iOS device, this Python3 tool can automate this process.
python3 -m pip install -U iosslsniffer
This package relies on the ability to modify Apples logging global, Thus requires a jailbroken device.
In addition, a global preference key is need to set AppleCFNetworkDiagnosticLogging
.
rpc_server
on
a jailbroken device.rpc_client
in the sniffer.
rpc_client
just provide the rpc_server
port:
python3 -m iosslsniffer setup -p 5910
python3 -m iosslsniffer sniff
rpc_server
:
AppleCFNetworkDiagnosticLogging
to 3 (restart required)p.syslog.set_harlogger_for_all(True)
user@Users-Mac-mini-7 ~/ @ rpcclient 127.0.0.1
Welcome to the rpcclient interactive shell! You interactive shell for controlling the remote rpcserver.
Feel free to use the following globals:
🌍 p - the injected process
🌍 symbols - process global symbols
Have a nice flight ✈️!
Starting an IPython shell... 🐍
In [1]: pref = p.preferences.sc.open('/private/var/Managed Preferences/mobile/.GlobalPreferences.plist')
In [2]: pref.set('AppleCFNetworkDiagnosticLogging',3)
restart.........
In [1]: p.syslog.set_harlogger_for_all(True)
In order to enable CFNetworkDiagnostics
the key AppleCFNetworkDiagnosticLogging
needs to be set, this is done as
part of iosslsniffer setup
command.
A restart is required incase the key was not set.
Usage: python -m iosslsniffer [OPTIONS] COMMAND [ARGS]...
Options:
--help Show this message and exit.
Commands:
setup Setup all prerequisites required inorder to sniff the SSL traffic
sniff Sniff the traffic
FAQs
Sniffer for encrypted traffic
We found that iosslsniffer demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
Security News
A Stanford study reveals 9.5% of engineers contribute almost nothing, costing tech $90B annually, with remote work fueling the rise of "ghost engineers."
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.