Sniffer for encrypted traffic on darwin-based platforms

Description

Utility for sniffing SSL/TLS encrypted traffic on Darwin-based platforms.

CFNetwork.framework contains a debug/verbosity global that forces every packet transferred through it to be logged to the device syslog in plaintext. To get a cleaner view of this traffic, with a coherent control flow, we attach the appropriate TCP flags to each such packet and write it into a PCAP file.

This allows us to later dissect this traffic using popular and convenient tools (e.g. Wireshark 🦈).
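The repackaging step described above, as an added example that is not this project's own code: it wraps already-plaintext messages in synthetic IPv4/TCP packets with a handshake, PSH/ACK data segments and tracked sequence numbers. The addresses, ports, initial sequence numbers, sample messages and the classic pcap container (the tool itself defaults to pcapng) are assumptions made for illustration, and each message is assumed to fit in one packet.

```python
import struct

SYN, PSH, ACK = 0x02, 0x08, 0x10  # TCP flag bits

def checksum(data: bytes) -> int:
    """RFC 1071 Internet checksum."""
    data += b"\x00" * (len(data) % 2)
    s = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while s >> 16:
        s = (s & 0xFFFF) + (s >> 16)
    return ~s & 0xFFFF

def ip_tcp(src, dst, sport, dport, seq, ack, flags, payload=b""):
    """Build one IPv4+TCP packet (no options) with valid checksums."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, seq, ack, 5 << 4, flags, 65535, 0, 0) + payload
    pseudo = src + dst + struct.pack("!BBH", 0, 6, len(tcp))
    tcp = tcp[:16] + struct.pack("!H", checksum(pseudo + tcp)) + tcp[18:]
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0, src, dst)
    return ip[:10] + struct.pack("!H", checksum(ip)) + ip[12:] + tcp

def build_flow(messages, client=(bytes([10, 0, 0, 1]), 50000), server=(bytes([10, 0, 0, 2]), 80)):
    """messages: [(from_client, plaintext)]. Endpoints are made up; port 80 so the plaintext is read as HTTP."""
    seq = {True: 1000, False: 5000}  # next sequence number per side (arbitrary start values)
    ends = {True: client, False: server}

    def pkt(from_client, flags, payload=b""):
        (src, sp), (dst, dp) = ends[from_client], ends[not from_client]
        ack = seq[not from_client] if flags & ACK else 0
        raw = ip_tcp(src, dst, sp, dp, seq[from_client], ack, flags, payload)
        seq[from_client] += len(payload) + (1 if flags & SYN else 0)  # SYN consumes one number
        return raw

    packets = [pkt(True, SYN), pkt(False, SYN | ACK), pkt(True, ACK)]  # synthetic handshake
    for from_client, data in messages:
        packets.append(pkt(from_client, PSH | ACK, data))  # the logged plaintext
        packets.append(pkt(not from_client, ACK))          # peer acknowledges it
    return packets

def to_pcap(packets):
    """Classic pcap file, link type 101 (LINKTYPE_RAW: packets start at the IP header)."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 101)
    for i, p in enumerate(packets):
        out += struct.pack("<IIII", 0, i, len(p), len(p)) + p  # ts_sec, ts_usec, caplen, len
    return out

SAMPLE = [  # constructed plaintext messages, not real captured traffic
    (True, b"GET / HTTP/1.1\r\nHost: example.com\r\n\r\n"),
    (False, b"HTTP/1.1 200 OK\r\nContent-Length: 2\r\n\r\nok"),
]
```

Writing the bytes returned by to_pcap(build_flow(SAMPLE)) to a file gives a capture that Wireshark opens as a single TCP conversation.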

On iOS, this requires a jailbroken device.

Installation

python3 -m pip install -U darwin-ssl-sniffer

Usage

Local macOS machine

Simply execute:

# output file can be given using the -o option (traffic.pcapng by default)
python3 -m darwin_ssl_sniffer sniff

Jailbroken iOS device

  • Download and install rpcserver on a jailbroken device.
  • Execute:
    python3 -m darwin_ssl_sniffer mobile setup -p 5910
    
    This step needs to be performed only once per device. The first time requires a device reboot (you will be prompted to do so if this is indeed the first time).
  • Execute:
    # output file can be given using the -o option (traffic.pcapng by default)
    python3 -m darwin_ssl_sniffer mobile sniff
    

Download files

Source Distribution

darwin-ssl-sniffer-0.0.4.tar.gz (11.6 kB)

Uploaded Source

Built Distribution

darwin_ssl_sniffer-0.0.4-py3-none-any.whl (8.7 kB)

Uploaded Python 3
