iosslsniffer


Nameiosslsniffer JSON
Version 0.0.2 PyPI version JSON
download
home_page
SummarySniffer for encrypted traffic
upload_time2023-07-25 08:39:03
maintainer
docs_urlNone
author
requires_python>=3.8
license
keywords ios jailbreak ssl sniffer tls cli automation
VCS
bugtrack_url
requirements No requirements were recorded.
Travis-CI No Travis.
coveralls test coverage No coveralls.
            # Description

**Utility for sniffing SSL/TLS encrypted traffic on a jailbroken iOS device.**

`CFNetwork.framework` contains a debug/verbosity global, enforcing a dump of every packet transferred through it, to be
logged into device syslog in plaintext form. In order to have a nicer view with clean control flow of this traffic, we
attach each such packet appropriate TCP flags and write it back into a PCAP file.

This allows us to later dissect this traffic using popular and convenient tools (e.g. Wireshark 🦈).
Assuming you have a jailbroken iOS device, this Python3 tool can automate this process.

# Installation

```shell
python3 -m pip install -U iosslsniffer
```

# Prerequisites

## Enable logging global

This package relies on the ability to modify Apples logging global, Thus requires a jailbroken device.
In addition, a global preference key is need to set `AppleCFNetworkDiagnosticLogging`.

### Howto

- Download and install [`rpc_server`](https://rpc-project.readthedocs.io/en/latest/getting_started/installation.html) on
  a jailbroken device.
- Setting logging global, this can be done manually or using the integrated `rpc_client` in the sniffer.
  - To use integrated `rpc_client` just provide the `rpc_server` port:
      ```shell
      python3 -m iosslsniffer setup -p 5910
      python3 -m iosslsniffer sniff
      ```
  - Manually connect to `rpc_server`:
    - Set `AppleCFNetworkDiagnosticLogging` to 3 (restart required)
    - Execute `p.syslog.set_harlogger_for_all(True)`
      ```shell
      user@Users-Mac-mini-7 ~/ @ rpcclient 127.0.0.1
      Welcome to the rpcclient interactive shell! You interactive shell for controlling the remote rpcserver.
      Feel free to use the following globals:
  
      🌍 p - the injected process
      🌍 symbols - process global symbols
  
      Have a nice flight ✈️!
      Starting an IPython shell... 🐍
  
      In [1]: pref = p.preferences.sc.open('/private/var/Managed Preferences/mobile/.GlobalPreferences.plist')
      In [2]: pref.set('AppleCFNetworkDiagnosticLogging',3)
      
      restart.........
      
      In [1]: p.syslog.set_harlogger_for_all(True)
      ```

## CFNetworkDiagnostics

In order to enable `CFNetworkDiagnostics` the key `AppleCFNetworkDiagnosticLogging` needs to be set, this is done as
part of `iosslsniffer setup` command.
A restart is required incase the key was not set.

# Usage

```shell
Usage: python -m iosslsniffer [OPTIONS] COMMAND [ARGS]...

Options:
  --help  Show this message and exit.

Commands:
  setup  Setup all prerequisites required inorder to sniff the SSL traffic
  sniff  Sniff the traffic
```


            

Raw data

            {
    "_id": null,
    "home_page": "",
    "name": "iosslsniffer",
    "maintainer": "",
    "docs_url": null,
    "requires_python": ">=3.8",
    "maintainer_email": "netanelc305 <netanelc305@protonmail.com>, doronz88 <doron88@gmail.com>",
    "keywords": "ios,jailbreak,ssl,sniffer,tls,cli,automation",
    "author": "",
    "author_email": "netanelc305 <netanelc305@protonmail.com>, doronz88 <doron88@gmail.com>",
    "download_url": "https://files.pythonhosted.org/packages/09/c8/13c1e99f2567ebfaf929a30b7fd369e91d588c320728fe5db0d42c62014b/iosslsniffer-0.0.2.tar.gz",
    "platform": null,
    "description": "# Description\n\n**Utility for sniffing SSL/TLS encrypted traffic on a jailbroken iOS device.**\n\n`CFNetwork.framework` contains a debug/verbosity global, enforcing a dump of every packet transferred through it, to be\nlogged into device syslog in plaintext form. In order to have a nicer view with clean control flow of this traffic, we\nattach each such packet appropriate TCP flags and write it back into a PCAP file.\n\nThis allows us to later dissect this traffic using popular and convenient tools (e.g. Wireshark \ud83e\udd88).\nAssuming you have a jailbroken iOS device, this Python3 tool can automate this process.\n\n# Installation\n\n```shell\npython3 -m pip install -U iosslsniffer\n```\n\n# Prerequisites\n\n## Enable logging global\n\nThis package relies on the ability to modify Apples logging global, Thus requires a jailbroken device.\nIn addition, a global preference key is need to set `AppleCFNetworkDiagnosticLogging`.\n\n### Howto\n\n- Download and install [`rpc_server`](https://rpc-project.readthedocs.io/en/latest/getting_started/installation.html) on\n  a jailbroken device.\n- Setting logging global, this can be done manually or using the integrated `rpc_client` in the sniffer.\n  - To use integrated `rpc_client` just provide the `rpc_server` port:\n      ```shell\n      python3 -m iosslsniffer setup -p 5910\n      python3 -m iosslsniffer sniff\n      ```\n  - Manually connect to `rpc_server`:\n    - Set `AppleCFNetworkDiagnosticLogging` to 3 (restart required)\n    - Execute `p.syslog.set_harlogger_for_all(True)`\n      ```shell\n      user@Users-Mac-mini-7 ~/ @ rpcclient 127.0.0.1\n      Welcome to the rpcclient interactive shell! You interactive shell for controlling the remote rpcserver.\n      Feel free to use the following globals:\n  \n      \ud83c\udf0d p - the injected process\n      \ud83c\udf0d symbols - process global symbols\n  \n      Have a nice flight \u2708\ufe0f!\n      Starting an IPython shell... \ud83d\udc0d\n  \n      In [1]: pref = p.preferences.sc.open('/private/var/Managed Preferences/mobile/.GlobalPreferences.plist')\n      In [2]: pref.set('AppleCFNetworkDiagnosticLogging',3)\n      \n      restart.........\n      \n      In [1]: p.syslog.set_harlogger_for_all(True)\n      ```\n\n## CFNetworkDiagnostics\n\nIn order to enable `CFNetworkDiagnostics` the key `AppleCFNetworkDiagnosticLogging` needs to be set, this is done as\npart of `iosslsniffer setup` command.\nA restart is required incase the key was not set.\n\n# Usage\n\n```shell\nUsage: python -m iosslsniffer [OPTIONS] COMMAND [ARGS]...\n\nOptions:\n  --help  Show this message and exit.\n\nCommands:\n  setup  Setup all prerequisites required inorder to sniff the SSL traffic\n  sniff  Sniff the traffic\n```\n\n",
    "bugtrack_url": null,
    "license": "",
    "summary": "Sniffer for encrypted traffic",
    "version": "0.0.2",
    "project_urls": {
        "Bug Reports": "https://github.com/netanelc305/ioSSLsniffer/issues",
        "Homepage": "https://github.com/netanelc305/ioSSLsniffer"
    },
    "split_keywords": [
        "ios",
        "jailbreak",
        "ssl",
        "sniffer",
        "tls",
        "cli",
        "automation"
    ],
    "urls": [
        {
            "comment_text": "",
            "digests": {
                "blake2b_256": "97b1e0fa964d4cd437b3b8abc94ad0457f6565a4c26186faf77038b1d15a7187",
                "md5": "27722f6cc1960104163eff08b9cf875c",
                "sha256": "c6ab8482fd33fdc6eaf0c8bd798b16ad59268151065cb652e3256c1e391ee00b"
            },
            "downloads": -1,
            "filename": "iosslsniffer-0.0.2-py3-none-any.whl",
            "has_sig": false,
            "md5_digest": "27722f6cc1960104163eff08b9cf875c",
            "packagetype": "bdist_wheel",
            "python_version": "py3",
            "requires_python": ">=3.8",
            "size": 8386,
            "upload_time": "2023-07-25T08:39:02",
            "upload_time_iso_8601": "2023-07-25T08:39:02.876903Z",
            "url": "https://files.pythonhosted.org/packages/97/b1/e0fa964d4cd437b3b8abc94ad0457f6565a4c26186faf77038b1d15a7187/iosslsniffer-0.0.2-py3-none-any.whl",
            "yanked": false,
            "yanked_reason": null
        },
        {
            "comment_text": "",
            "digests": {
                "blake2b_256": "09c813c1e99f2567ebfaf929a30b7fd369e91d588c320728fe5db0d42c62014b",
                "md5": "ad4bb5fa4f7a522556e654dc5a5f2dbf",
                "sha256": "681a3b9117a69dc213d15ab91d38b18a6b0d31cc20f2e2833e755786be6e5398"
            },
            "downloads": -1,
            "filename": "iosslsniffer-0.0.2.tar.gz",
            "has_sig": false,
            "md5_digest": "ad4bb5fa4f7a522556e654dc5a5f2dbf",
            "packagetype": "sdist",
            "python_version": "source",
            "requires_python": ">=3.8",
            "size": 8908,
            "upload_time": "2023-07-25T08:39:03",
            "upload_time_iso_8601": "2023-07-25T08:39:03.839125Z",
            "url": "https://files.pythonhosted.org/packages/09/c8/13c1e99f2567ebfaf929a30b7fd369e91d588c320728fe5db0d42c62014b/iosslsniffer-0.0.2.tar.gz",
            "yanked": false,
            "yanked_reason": null
        }
    ],
    "upload_time": "2023-07-25 08:39:03",
    "github": true,
    "gitlab": false,
    "bitbucket": false,
    "codeberg": false,
    "github_user": "netanelc305",
    "github_project": "ioSSLsniffer",
    "travis_ci": false,
    "coveralls": false,
    "github_actions": true,
    "requirements": [],
    "lcname": "iosslsniffer"
}
        
Elapsed time: 0.11938s