Name | iosslsniffer |
Version | 0.0.2 |
home_page | |
Summary | Sniffer for encrypted traffic |
upload_time | 2023-07-25 08:39:03 |
maintainer | |
docs_url | None |
author | |
requires_python | >=3.8 |
license | |
keywords | ios, jailbreak, ssl, sniffer, tls, cli, automation |
VCS | |
bugtrack_url | |
requirements | No requirements were recorded. |
Travis-CI | No Travis. |
coveralls test coverage | No coveralls. |
# Description
**Utility for sniffing SSL/TLS encrypted traffic on a jailbroken iOS device.**
`CFNetwork.framework` contains a debug/verbosity global that, when enabled, forces every packet transferred through it to
be logged to the device syslog in plaintext. To get a cleaner view of this traffic with a clean control flow, we
attach the appropriate TCP flags to each such packet and write it into a PCAP file.
This allows us to later dissect the traffic using popular and convenient tools (e.g. Wireshark 🦈).
Assuming you have a jailbroken iOS device, this Python3 tool can automate this process.
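The step described above, wrapping recovered plaintext payloads in TCP segments with flags and writing them to a PCAP, is illustrated here as an added example; it is not iosslsniffer's own code. The `(direction, payload)` record format, the addresses, ports and initial sequence numbers are assumptions, and the sample payloads are constructed.

```python
import struct

LINKTYPE_RAW = 101  # pcap link type: each packet starts at the IPv4 header
SYN, ACK, PSH = 0x02, 0x10, 0x08

def checksum(data: bytes) -> int:
    """RFC 1071 Internet checksum."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def tcp_packet(src, dst, sport, dport, seq, ack, flags, payload=b""):
    """Build the IPv4 + TCP bytes for one synthetic segment."""
    s, d = bytes(map(int, src.split("."))), bytes(map(int, dst.split(".")))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, seq, ack, 5 << 4, flags, 65535, 0, 0)
    pseudo = s + d + struct.pack("!BBH", 0, 6, len(tcp) + len(payload))
    tcp = tcp[:16] + struct.pack("!H", checksum(pseudo + tcp + payload)) + tcp[18:]
    ip = struct.pack("!BBHHHBBH", 0x45, 0, 20 + len(tcp) + len(payload), 0, 0, 64, 6, 0) + s + d
    ip = ip[:10] + struct.pack("!H", checksum(ip)) + ip[12:]
    return ip + tcp + payload

def records_to_pcap(records, client=("10.0.0.2", 50000), server=("10.0.0.1", 443)):
    """records: iterable of (direction, payload); 'out' means client to server."""
    seq = {"out": 1000, "in": 5000}  # assumed initial sequence numbers
    ends = {"out": (client, server), "in": (server, client)}
    def seg(direction, flags, payload=b""):
        (src, sp), (dst, dp) = ends[direction]
        other = "in" if direction == "out" else "out"
        ack = seq[other] if flags & ACK else 0
        pkt = tcp_packet(src, dst, sp, dp, seq[direction], ack, flags, payload)
        seq[direction] += len(payload) + (1 if flags & SYN else 0)
        return pkt
    packets = [seg("out", SYN), seg("in", SYN | ACK), seg("out", ACK)]  # fake handshake
    packets += [seg(d, PSH | ACK, p) for d, p in records]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, LINKTYPE_RAW)
    for i, pkt in enumerate(packets):  # one synthetic second between packets
        out += struct.pack("<IIII", i, 0, len(pkt), len(pkt)) + pkt
    return out

# Constructed sample records standing in for payloads recovered from syslog.
SAMPLE = [("out", b"GET / HTTP/1.1\r\nHost: example.com\r\n\r\n"),
          ("in", b"HTTP/1.1 200 OK\r\nContent-Length: 2\r\n\r\nok")]

if __name__ == "__main__":
    with open("synthetic.pcap", "wb") as fh:
        fh.write(records_to_pcap(SAMPLE))
```

Because the handshake and sequence numbers are consistent, Wireshark treats the result as one TCP stream and can reassemble and dissect the payloads.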
# Installation
```shell
python3 -m pip install -U iosslsniffer
```
# Prerequisites
## Enable logging global
This package relies on the ability to modify Apple's logging global and thus requires a jailbroken device.
In addition, the global preference key `AppleCFNetworkDiagnosticLogging` needs to be set.
### Howto
- Download and install [`rpc_server`](https://rpc-project.readthedocs.io/en/latest/getting_started/installation.html) on
a jailbroken device.
- Set the logging global. This can be done manually or using the `rpc_client` integrated in the sniffer.
    - To use the integrated `rpc_client`, just provide the `rpc_server` port:
      ```shell
      python3 -m iosslsniffer setup -p 5910
      python3 -m iosslsniffer sniff
      ```
    - To do it manually, connect to `rpc_server`:
        - Set `AppleCFNetworkDiagnosticLogging` to 3 (restart required)
        - Execute `p.syslog.set_harlogger_for_all(True)`
      ```shell
      user@Users-Mac-mini-7 ~/ @ rpcclient 127.0.0.1
      Welcome to the rpcclient interactive shell! You interactive shell for controlling the remote rpcserver.
      Feel free to use the following globals:

      🌍 p - the injected process
      🌍 symbols - process global symbols

      Have a nice flight ✈️!
      Starting an IPython shell... 🐍

      In [1]: pref = p.preferences.sc.open('/private/var/Managed Preferences/mobile/.GlobalPreferences.plist')
      In [2]: pref.set('AppleCFNetworkDiagnosticLogging',3)

      restart.........

      In [1]: p.syslog.set_harlogger_for_all(True)
      ```
## CFNetworkDiagnostics
To enable `CFNetworkDiagnostics`, the key `AppleCFNetworkDiagnosticLogging` needs to be set; this is done as
part of the `iosslsniffer setup` command.
A restart is required in case the key was not set.
# Usage
```shell
Usage: python -m iosslsniffer [OPTIONS] COMMAND [ARGS]...
Options:
--help Show this message and exit.
Commands:
setup Setup all prerequisites required inorder to sniff the SSL traffic
sniff Sniff the traffic
```
Raw data
{
"_id": null,
"home_page": "",
"name": "iosslsniffer",
"maintainer": "",
"docs_url": null,
"requires_python": ">=3.8",
"maintainer_email": "netanelc305 <netanelc305@protonmail.com>, doronz88 <doron88@gmail.com>",
"keywords": "ios,jailbreak,ssl,sniffer,tls,cli,automation",
"author": "",
"author_email": "netanelc305 <netanelc305@protonmail.com>, doronz88 <doron88@gmail.com>",
"download_url": "https://files.pythonhosted.org/packages/09/c8/13c1e99f2567ebfaf929a30b7fd369e91d588c320728fe5db0d42c62014b/iosslsniffer-0.0.2.tar.gz",
"platform": null,
"bugtrack_url": null,
"license": "",
"summary": "Sniffer for encrypted traffic",
"version": "0.0.2",
"project_urls": {
"Bug Reports": "https://github.com/netanelc305/ioSSLsniffer/issues",
"Homepage": "https://github.com/netanelc305/ioSSLsniffer"
},
"split_keywords": [
"ios",
"jailbreak",
"ssl",
"sniffer",
"tls",
"cli",
"automation"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "97b1e0fa964d4cd437b3b8abc94ad0457f6565a4c26186faf77038b1d15a7187",
"md5": "27722f6cc1960104163eff08b9cf875c",
"sha256": "c6ab8482fd33fdc6eaf0c8bd798b16ad59268151065cb652e3256c1e391ee00b"
},
"downloads": -1,
"filename": "iosslsniffer-0.0.2-py3-none-any.whl",
"has_sig": false,
"md5_digest": "27722f6cc1960104163eff08b9cf875c",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.8",
"size": 8386,
"upload_time": "2023-07-25T08:39:02",
"upload_time_iso_8601": "2023-07-25T08:39:02.876903Z",
"url": "https://files.pythonhosted.org/packages/97/b1/e0fa964d4cd437b3b8abc94ad0457f6565a4c26186faf77038b1d15a7187/iosslsniffer-0.0.2-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "09c813c1e99f2567ebfaf929a30b7fd369e91d588c320728fe5db0d42c62014b",
"md5": "ad4bb5fa4f7a522556e654dc5a5f2dbf",
"sha256": "681a3b9117a69dc213d15ab91d38b18a6b0d31cc20f2e2833e755786be6e5398"
},
"downloads": -1,
"filename": "iosslsniffer-0.0.2.tar.gz",
"has_sig": false,
"md5_digest": "ad4bb5fa4f7a522556e654dc5a5f2dbf",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.8",
"size": 8908,
"upload_time": "2023-07-25T08:39:03",
"upload_time_iso_8601": "2023-07-25T08:39:03.839125Z",
"url": "https://files.pythonhosted.org/packages/09/c8/13c1e99f2567ebfaf929a30b7fd369e91d588c320728fe5db0d42c62014b/iosslsniffer-0.0.2.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2023-07-25 08:39:03",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "netanelc305",
"github_project": "ioSSLsniffer",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"requirements": [],
"lcname": "iosslsniffer"
}