Debugging friTap

When we want to debug our friTap script we have at first compile our changes to the friTap-agent script _ssl_log.js. For this run our docker compiling instance from the repo root folder:

$ ./compile_agent.sh

Alternative just run frida-compile:

$ ./frida-compile agent/ssl_log.ts -o friTap/_ssl_log.js

Next we have to run friTap with the -d-flag (debug flag) which allows:

• printing content to the terminal via the devlog()-statement from the Typescript code
• starting friTap with the Chrome Inspector server running on port 1337

Here an example running friTap to debug its agent (_ssl_log.js) while hooking thunderbird:

sudo -E ./friTap.py -d -v -p mypthunderpcap.pcap 18813
Start logging
Press Ctrl+C to stop logging.
[*] Running Script
[*] starting debug mode on Port 1337
[*] libnspr4.so found & will be hooked on Linux!
[***] Found PR_Write 0x7f20710cd450
[***] Found PR_Read 0x7f20710cd440
[***] Found PR_FileDesc2NativeHandle 0x7f20710e6dd0
[***] Found PR_GetPeerName 0x7f20710cd5d0
[***] Found PR_GetSockName 0x7f20710cd5c0
[***] Found PR_GetNameForIdentity 0x7f20710ce680
[***] Found PR_GetDescType 0x7f20710cd420
[***] Found PK11_ExtractKeyValue 0x7f2071055140
[***] Found PK11_GetKeyData 0x7f20710551f0
[***] Found SSL_ImportFD 0x7f2070e55060
[***] Found SSL_GetSessionID 0x7f2070e4fed0
[***] Found SSL_HandshakeCallback 0x7f2070e4ed90
[***] Found getpeername 0x7f207145c730
[***] Found getsockname 0x7f207145c760
[***] Found ntohs 0x7f207146b780
[***] Found ntohl 0x7f207146b770
[*] Linux dynamic loader hooked.
[*] Logging TLS plaintext as pcap to mypthunderpcap.pcap