Sniffer for encrypted traffic on darwin-based platforms
Description
Utility for sniffing SSL/TLS encrypted traffic on Darwin-based platforms.
CFNetwork.framework contains a debug/verbosity global that forces every packet transferred through it to be dumped to the device syslog in plaintext form. To get a nicer view of this traffic with a clean control flow, we attach the appropriate TCP flags to each such packet and write it back into a PCAP file.
This allows us to later dissect the traffic using popular and convenient tools (e.g. Wireshark 🦈).
On iOS, this will require a jailbroken iOS device.
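As an added illustration of the re-framing step described above (not code from darwin-ssl-sniffer), the sketch below takes plaintext payloads tagged with a direction, wraps them in a synthetic TCP handshake and PSH/ACK segments with tracked sequence numbers, and serializes a classic pcap rather than the pcapng file the tool writes. The addresses, ports, initial sequence numbers, function names and sample payloads are all constructed assumptions.

```python
import socket
import struct

SYN, PSH, ACK = 0x02, 0x08, 0x10

def checksum(data):
    """RFC 1071 Internet checksum."""
    data += b"\x00" * (len(data) % 2)
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def segment(src, dst, seq, ack, flags, payload=b""):
    """Raw IPv4+TCP packet; src and dst are (ip, port) tuples."""
    s, d = socket.inet_aton(src[0]), socket.inet_aton(dst[0])
    tcp = struct.pack("!HHIIBBHHH", src[1], dst[1], seq, ack, 5 << 4, flags, 65535, 0, 0)
    pseudo = s + d + struct.pack("!BBH", 0, 6, len(tcp) + len(payload))
    tcp = tcp[:16] + struct.pack("!H", checksum(pseudo + tcp + payload)) + tcp[18:]
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0, 64, 6, 0, s, d)
    ip = ip[:10] + struct.pack("!H", checksum(ip)) + ip[12:]
    return ip + tcp + payload

def synthesize(messages, client=("10.0.0.1", 50000), server=("10.0.0.2", 443)):
    """messages: (direction, plaintext) pairs, direction "tx" = client to server."""
    cseq, sseq = 1001, 5001  # constructed initial sequence numbers, plus one for SYN
    pkts = [segment(client, server, cseq - 1, 0, SYN),
            segment(server, client, sseq - 1, cseq, SYN | ACK),
            segment(client, server, cseq, sseq, ACK)]
    for direction, data in messages:
        if direction == "tx":
            pkts.append(segment(client, server, cseq, sseq, PSH | ACK, data))
            cseq += len(data)
        else:
            pkts.append(segment(server, client, sseq, cseq, PSH | ACK, data))
            sseq += len(data)
    return pkts

def to_pcap(pkts):
    """Classic pcap file bytes, link type 101 (raw IP, no Ethernet header)."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 101)
    for i, pkt in enumerate(pkts):  # constructed timestamps: one second apart
        out += struct.pack("<IIII", i, 0, len(pkt), len(pkt)) + pkt
    return out

# Constructed sample of plaintext payloads, standing in for logged packets
SAMPLE = [("tx", b"GET / HTTP/1.1\r\nHost: example.com\r\n\r\n"),
          ("rx", b"HTTP/1.1 200 OK\r\nContent-Length: 2\r\n\r\nok")]
```

Writing the bytes returned by `to_pcap(synthesize(SAMPLE))` to a file gives a capture that Wireshark follows as a single TCP stream, because the handshake and the running sequence and acknowledgement numbers are consistent in both directions.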
Installation
python3 -m pip install -U darwin-ssl-sniffer
Usage
Local macOS machine
Simply execute:
# output file can be given using the -o option (traffic.pcapng by default)
python3 -m darwin_ssl_sniffer sniff
Jailbroken iOS device
- Download and install rpcserver on a jailbroken device.
- Execute:
  python3 -m darwin_ssl_sniffer mobile setup -p 5910
  This step should be performed only once on the device. The first time will require a device reboot (you will be prompted if this is indeed the first time).
- Execute:
  # output file can be given using the -o option (traffic.pcapng by default)
  python3 -m darwin_ssl_sniffer mobile sniff
Hashes for darwin_ssl_sniffer-0.0.3-py3-none-any.whl
Algorithm | Hash digest
---|---
SHA256 | 3673a521997756c8ef4ae0a697dc8273f5acc6ad9bb3541fcf6e2d9c75a4a92e
MD5 | 8b8f37f6725800aae85bc0b0683b925b
BLAKE2b-256 | 69581a47a5caff652a37c8036b9323fb06db0f1f7776bafa3add8a9394256e63