Project description

Description

Utility for sniffing SSL/TLS encrypted traffic on a jailbroken iOS device.

CFNetwork.framework contains a debug/verbosity global, enforcing a dump of every packet transferred through it, to be logged into device syslog in plaintext form. In order to have a nicer view with clean control flow of this traffic, we attach each such packet appropriate TCP flags and write it back into a PCAP file.

This allows us to later dissect this traffic using popular and convenient tools (e.g. Wireshark 🦈). Assuming you have a jailbroken iOS device, this Python3 tool can automate this process.

Installation

python3 -m pip install -U iosslsniffer

Prerequisites

Enable logging global

This package relies on the ability to modify Apples logging global, Thus requires a jailbroken device. In addition, a global preference key is need to set AppleCFNetworkDiagnosticLogging.

Howto

Download and install rpc_server on a jailbroken device.

Setting logging global, this can be done manually or using the integrated rpc_client in the sniffer.

To use integrated rpc_client just provide the rpc_server port:

python3 -m iosslsniffer setup -p 5910
python3 -m iosslsniffer sniff

Manually connect to rpc_server:

Set AppleCFNetworkDiagnosticLogging to 3 (restart required)

Execute p.syslog.set_harlogger_for_all(True)

user@Users-Mac-mini-7 ~/ @ rpcclient 127.0.0.1
Welcome to the rpcclient interactive shell! You interactive shell for controlling the remote rpcserver.
Feel free to use the following globals:

🌍 p - the injected process
🌍 symbols - process global symbols

Have a nice flight ✈️!
Starting an IPython shell... 🐍

In [1]: pref = p.preferences.sc.open('/private/var/Managed Preferences/mobile/.GlobalPreferences.plist')
In [2]: pref.set('AppleCFNetworkDiagnosticLogging',3)

restart.........

In [1]: p.syslog.set_harlogger_for_all(True)

CFNetworkDiagnostics

In order to enable CFNetworkDiagnostics the key AppleCFNetworkDiagnosticLogging needs to be set, this is done as part of iosslsniffer setup command. A restart is required incase the key was not set.

Usage

Usage: python -m iosslsniffer [OPTIONS] COMMAND [ARGS]...

Options:
  --help  Show this message and exit.

Commands:
  setup  Setup all prerequisites required inorder to sniff the SSL traffic
  sniff  Sniff the traffic

Project details

These details have not been verified by PyPI

Project links

Release history Release notifications | RSS feed

This version

0.0.2

Jul 25, 2023

0.0.1

Jun 21, 2023

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

iosslsniffer-0.0.2.tar.gz (8.9 kB view details)

Uploaded Jul 25, 2023 Source

Built Distribution

iosslsniffer-0.0.2-py3-none-any.whl (8.4 kB view details)

Uploaded Jul 25, 2023 Python 3

File details

Details for the file iosslsniffer-0.0.2.tar.gz.

File metadata

Download URL: iosslsniffer-0.0.2.tar.gz
Upload date: Jul 25, 2023
Size: 8.9 kB
Tags: Source
Uploaded using Trusted Publishing? No
Uploaded via: twine/4.0.2 CPython/3.11.4

File hashes

Hashes for iosslsniffer-0.0.2.tar.gz
Algorithm	Hash digest
SHA256	`681a3b9117a69dc213d15ab91d38b18a6b0d31cc20f2e2833e755786be6e5398`
MD5	`ad4bb5fa4f7a522556e654dc5a5f2dbf`
BLAKE2b-256	`09c813c1e99f2567ebfaf929a30b7fd369e91d588c320728fe5db0d42c62014b`

See more details on using hashes here.

File details

Details for the file iosslsniffer-0.0.2-py3-none-any.whl.

File metadata

Download URL: iosslsniffer-0.0.2-py3-none-any.whl
Upload date: Jul 25, 2023
Size: 8.4 kB
Tags: Python 3
Uploaded using Trusted Publishing? No
Uploaded via: twine/4.0.2 CPython/3.11.4

File hashes

Hashes for iosslsniffer-0.0.2-py3-none-any.whl
Algorithm	Hash digest
SHA256	`c6ab8482fd33fdc6eaf0c8bd798b16ad59268151065cb652e3256c1e391ee00b`
MD5	`27722f6cc1960104163eff08b9cf875c`
BLAKE2b-256	`97b1e0fa964d4cd437b3b8abc94ad0457f6565a4c26186faf77038b1d15a7187`