Security News
Introducing the Socket Python SDK
The initial version of the Socket Python SDK is now on PyPI, enabling developers to more easily interact with the Socket REST API in Python projects.
Utility for sniffing SSL/TLS encrypted traffic on a jailbroken iOS device.
CFNetwork.framework
contains a debug/verbosity global, enforcing a dump of every packet transferred through it, to be
logged into device syslog in plaintext form. In order to have a nicer view with clean control flow of this traffic, we
attach each such packet appropriate TCP flags and write it back into a PCAP file.
This allows us to later dissect this traffic using popular and convenient tools (e.g. Wireshark 🦈). Assuming you have a jailbroken iOS device, this Python3 tool can automate this process.
python3 -m pip install -U iosslsniffer
This package relies on the ability to modify Apples logging global, Thus requires a jailbroken device.
In addition, a global preference key is need to set AppleCFNetworkDiagnosticLogging
.
rpc_server
on
a jailbroken device.rpc_client
in the sniffer.
rpc_client
just provide the rpc_server
port:
python3 -m iosslsniffer setup -p 5910
python3 -m iosslsniffer sniff
rpc_server
:
AppleCFNetworkDiagnosticLogging
to 3 (restart required)p.syslog.set_harlogger_for_all(True)
user@Users-Mac-mini-7 ~/ @ rpcclient 127.0.0.1
Welcome to the rpcclient interactive shell! You interactive shell for controlling the remote rpcserver.
Feel free to use the following globals:
🌍 p - the injected process
🌍 symbols - process global symbols
Have a nice flight ✈️!
Starting an IPython shell... 🐍
In [1]: pref = p.preferences.sc.open('/private/var/Managed Preferences/mobile/.GlobalPreferences.plist')
In [2]: pref.set('AppleCFNetworkDiagnosticLogging',3)
restart.........
In [1]: p.syslog.set_harlogger_for_all(True)
In order to enable CFNetworkDiagnostics
the key AppleCFNetworkDiagnosticLogging
needs to be set, this is done as
part of iosslsniffer setup
command.
A restart is required incase the key was not set.
Usage: python -m iosslsniffer [OPTIONS] COMMAND [ARGS]...
Options:
--help Show this message and exit.
Commands:
setup Setup all prerequisites required inorder to sniff the SSL traffic
sniff Sniff the traffic
FAQs
Sniffer for encrypted traffic
We found that iosslsniffer demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
The initial version of the Socket Python SDK is now on PyPI, enabling developers to more easily interact with the Socket REST API in Python projects.
Security News
Floating dependency ranges in npm can introduce instability and security risks into your project by allowing unverified or incompatible versions to be installed automatically, leading to unpredictable behavior and potential conflicts.
Security News
A new Rust RFC proposes "Trusted Publishing" for Crates.io, introducing short-lived access tokens via OIDC to improve security and reduce risks associated with long-lived API tokens.