Simple utlity for sniffing decrypted HTTP/HTTPS traffic on a jailbroken iOS device into an HAR format.

Related tags

Miscellaneoushttpioshttpsharsnifferjailbroken
Overview

Description

iOS devices contain a hidden feature for sniffing decrypted HTTP/HTTPS traffic from all processes using the CFNetwork framework into an HAR format. To trigger this feature on a jailbroken device, you can simply place the correct configuration for com.apple.CFNetwork and trigger the com.apple.CFNetwork.har-capture-update notification.

Since this capture triggers syslog lines, which can be associated with their producing image name and pid, we can also connect each request-response to their corresponding process and the image name which triggered it.

This project is just a simple utility for using this feature.

How to use

If you would like to build yourself using Theos, simply use make package.

I've already supplied with all the necessary binaries, so you don't have to. You can just install the .deb file found in the packages subdirectory, or use the compiled bin/harlogger.

After deploy, simply run on the remote device:

# trigger monitor HTTP/HTTPS traffic for the next 120 seconds
harlogger 120

# or just trigger for infinity
harlogger --infinite

Now you can just run locally:

./remote_har_listener.py -o out.har

When hitting the Ctrl+C, the script should exit and dump all captured entries into given output file, if any.

The output should look like:

You might also like...
Coursework project for DIP class. The goal is to use vision to guide the Dashgo robot through two traffic cones in bright color.

Coursework project for DIP class. The goal is to use vision to guide the Dashgo robot through two traffic cones in bright color.

Yueqian Liu 3 Oct 24, 2022
Traffic flow test platform, especially for reinforcement learning
Traffic flow test platform, especially for reinforcement learning

Traffic Flow Test Platform Traffic flow test platform, especially for reinforcement learning, named TFTP. A traffic signal control framework that can

null 4 Nov 7, 2022
tidevice can be used to communicate with iPhone device
tidevice can be used to communicate with iPhone device

h 该工具能够用于与iOS设备进行通信, 提供以下功能 截图 获取手机信息 ipa包的安装和卸载 根据bundleID 启动和停止应用 列出安装应用信息 模拟Xcode运行XCTest,常用的如启动WebDriverAgent测试

Alibaba 1.8k Dec 30, 2022
AndroidEnv is a Python library that exposes an Android device as a Reinforcement Learning (RL) environment.
AndroidEnv is a Python library that exposes an Android device as a Reinforcement Learning (RL) environment.

AndroidEnv is a Python library that exposes an Android device as a Reinforcement Learning (RL) environment.

DeepMind 814 Dec 26, 2022
An AI-powered device to stop people from stealing my packages.

Package Theft Prevention Device An AI-powered device to stop people from stealing my packages. Installation To install on a raspberry pi, clone the re

rydercalmdown 157 Nov 24, 2022
Easily map device and application controls to a midi controller

pymidicontroller Introduction Easily map device and application controls to a midi controller

Tane Barriball 24 May 16, 2022
This application demonstrates IoTVAS device discovery and security assessment API integration with the Rapid7 InsightVM.
This application demonstrates IoTVAS device discovery and security assessment API integration with the Rapid7 InsightVM.

Introduction This repository hosts a sample application that demonstrates integrating Firmalyzer's IoTVAS API with the Rapid7 InsightVM platform. This

Firmalyzer BV 4 Nov 9, 2022
Script for resizing MTD partitions on a QNAP device in order to be available to upgrade from buster to bullseye
Script for resizing MTD partitions on a QNAP device in order to be available to upgrade from buster to bullseye

QNAP partitions resize for kirkwood devices. As explained by Marin Michlmayr, Debian bullseye support on kirkwood QNAP devices was dropped due to [mai

Arnaud Mouiche 26 Jan 5, 2023
CDM Device Checker for python

CDM Device Checker for python

zackmark29 79 Dec 14, 2022
Comments
  • [Question] - jb required to sniff or only to install CFNetwork plist file?

    [Question] - jb required to sniff or only to install CFNetwork plist file?

    It was not clear to me, so, is the jb needed also to start sniffing or it is just required to setup harlogger (install the plist file and/or adjust target process)? Thanks!

    opened by iam-theKid 3
  • which python version should we use for best out come?

    which python version should we use for best out come?

    [email protected] harlogger-master % ./remote_har_listener.py -o output.har Traceback (most recent call last): File "/Users/prime/Downloads/harlogger-master/harlogger-master/./remote_har_listener.py", line 151, in main() File "/Library/Frameworks/Python.framework/Versions/3.9/lib/python3.9/site-packages/click/core.py", line 829, in call return self.main(*args, **kwargs) File "/Library/Frameworks/Python.framework/Versions/3.9/lib/python3.9/site-packages/click/core.py", line 782, in main rv = self.invoke(ctx) File "/Library/Frameworks/Python.framework/Versions/3.9/lib/python3.9/site-packages/click/core.py", line 1066, in invoke return ctx.invoke(self.callback, **ctx.params) File "/Library/Frameworks/Python.framework/Versions/3.9/lib/python3.9/site-packages/click/core.py", line 610, in invoke return callback(*args, **kwargs) File "/Users/prime/Downloads/harlogger-master/harlogger-master/./remote_har_listener.py", line 109, in main assert line == b'[connected]' AssertionError

    opened by zerishpho 3
Releases(v2.1.2)

  • v2.1.2(Sep 18, 2022)

    What's Changed

    • d4704489eaad08138af6da16445c92937edb386b fix support for pymobiledevice3>=1.29.1 (@doronz88)

    Full Changelog: https://github.com/doronz88/harlogger/compare/v2.1.1...v2.1.2

    Source code(tar.gz)
    Source code(zip)

  • v2.1.1(Jun 29, 2022)

    What's Changed

    • ac04c5f933f1cef83f9f187b1dc129f47248c35b setup: remove package_data to allow global installs (@doronz88)

    Full Changelog: https://github.com/doronz88/harlogger/compare/v2.1.0...v2.1.1

    Source code(tar.gz)
    Source code(zip)

  • v2.1.0(Oct 28, 2021)

    Changelog

    • b371ab9b57d2263353be241cecb1ddfcf5c2536e preference mode: add process name filter (@doronz88)
    • f2da1d4b7e32b982c6244b3b7d5bf592ebe673ce bump version to 2.1.0 (@doronz88)

    Full Changelog: https://github.com/doronz88/harlogger/compare/v2.0.0...v2.1.0

    Source code(tar.gz)
    Source code(zip)

  • v2.0.0(Oct 21, 2021)

Owner
GitHub Repository
Py4J enables Python programs to dynamically access arbitrary Java objects

Py4J Py4J enables Python programs running in a Python interpreter to dynamically access Java objects in a Java Virtual Machine. Methods are called as

Barthelemy Dagenais 1k Jan 02, 2023
Draw random mazes in python

a-maze Draw random mazes in python This program generates and draws a rectangular maze, with an entrance on one side and one on the opposite side. The

Andrea Pasquali 1 Nov 21, 2021
A minimalist starknet amm adapted from StarkWare's amm.

viscus • A minimalist starknet amm adapted from StarkWare's amm. Directory Structure contracts

Alucard 4 Dec 27, 2021
用于红队成员初步快速攻击的全自动化工具。

关于 Author:m0sway Mail:[email protected] Github:https://www.github.com/m0sway/Jud JuD是

m0sway 46 Jul 21, 2022
Viewer for NFO files

NFO Viewer NFO Viewer is a simple viewer for NFO files, which are "ASCII" art in the CP437 codepage. The advantages of using NFO Viewer instead of a t

Osmo Salomaa 114 Dec 29, 2022
Blender 2.80+ Timelapse Capture Tool Addon

SimpleTimelapser Blender 2.80+ Timelapse Capture Tool Addon Developed for Blender 3.0.0, tested working on 2.80.0 It's no ZBrush undo history but it's

4 Jan 19, 2022
YBlade - Import QBlade blades into Fusion 360

YBlade - Import QBlade blades into Fusion 360 Simple script for Fusion 360 that takes QBlade blade description and constructs the blade: Usage First,

Jan Mrázek 37 Sep 25, 2022
Easy installer for running Amazon AVS Device SDK on Raspberry Pi

avs-device-sdk-pi Scripts to enable Alexa voice activation using Picovoice Porcupine If you like the work, find it useful and if you would like to get

4 Nov 14, 2022
A reproduction repo for a Scheduling bug in AirFlow 2.2.3

A reproduction repo for a Scheduling bug in AirFlow 2.2.3

Ilya Strelnikov 1 Feb 09, 2022
Игра реализована с помощью языке python3.9, библиотеки pygame

Игра в танки Игра реализована с помощью языке python3.9, библиотеки pygame. Игра имеет несколько уровней. Правила: есть танки, которые стреляют, есть

1 Jan 01, 2022
Static bytecode simulator

SEA Static bytecode simulator for creating dependency/dependant based experimental bytecode format for CPython. Example a = random() if a = 5.0:

Batuhan Taskaya 23 Jun 10, 2022
A small Python library which gives you the IEEE-754 representation of a floating point number.

ieee754 ieee754 is small Python library which gives you the IEEE-754 representation of a floating point number. You can specify a precision given in t

Bora Canbula 5 Dec 20, 2022
The fundamentals of Python!

The fundamentals of Python Author: Mohamed NIANG, Staff ML Scientist Presentation This repository contains notebooks on the fundamentals of Python. Th

Mohamed NIANG 1 Mar 15, 2022
Git Hooks Tutorial.

Git Hooks Tutorial My public talk about this project at Sberloga: Git Hooks Is All You Need 1. Git Hooks 101 Init git repo: mkdir git_repo cd git_repo

Dani El-Ayyass 17 Oct 12, 2022
Backend Interview Challenge

Inspect HOA backend challenge This is a simple flask repository with some endpoints and requires a few more endpoints. It follows a simple MVP (model-

1 Jan 20, 2022
PREFS is a Python library to store and manage preferences and settings.

PREFS PREFS is a Python library to store and manage preferences and settings. PREFS stores a Python dictionary in a total human-readable file, the PRE

Pat 13 May 26, 2022
Convert-Decimal-to-Binary-Octal-and-Hexadecimal

Convert-Decimal-to-Binary-Octal-and-Hexadecimal We have a number in a decimal number, and we have to convert it into a binary, octal, and hexadecimal

Maanyu M 2 Oct 08, 2021
Delayed iteration for polling and retries.

Does Python need yet another retry / poll library? It needs at least one that isn't coupled to decorators and functions. Decorators prevent the caller

A. Coady 22 Dec 29, 2022
Patch PL to disable LK verification. Patch LK to disable boot/recovery verification.

Simple Python(3) script to disable LK verification in Amazon Preloader images and boot/recovery image verification in Amazon LK ("Little Kernel") images.

Roger Ortiz 18 Mar 17, 2022
Project Faros is a reference implimentation of Red Hat OpenShift 4 on small footprint, bare-metal clusters.

Project Faros Project Faros is a reference implimentation of Red Hat OpenShift 4 on small footprint, bare-metal clusters. The project includes referen

project: Faros 9 Jul 18, 2022