V0.6.5版本https流量未输出明文信息 #415

BiteFoo · 2023-11-16T01:17:49Z

Describe the bug
使用0.6.5版本抓取流量时输出的内容是乱码数据，如下

oriole:/data/local/tmp # ./ecapture tls -u 10253
tls_2023/11/16 01:06:23 ECAPTURE :: ecapture Version : androidgki_aarch64:0.6.5-20231111-256a2b5:[CORE]
tls_2023/11/16 01:06:23 ECAPTURE :: Pid Info : 7551
tls_2023/11/16 01:06:23 ECAPTURE :: Kernel Info : 5.10.149
tls_2023/11/16 01:06:23 EBPFProbeOPENSSL	module initialization
tls_2023/11/16 01:06:23 EBPFProbeOPENSSL	master key keylogger: ecapture_masterkey.log
tls_2023/11/16 01:06:23 ECAPTURE ::	Module.Run()
tls_2023/11/16 01:06:23 EBPFProbeOPENSSL	UPROBE MODEL
tls_2023/11/16 01:06:23 EBPFProbeOPENSSL	OpenSSL/BoringSSL version found, ro.build.version.release=13
tls_2023/11/16 01:06:23 EBPFProbeOPENSSL	HOOK type:2, binrayPath:/apex/com.android.conscrypt/lib64/libssl.so
tls_2023/11/16 01:06:23 EBPFProbeOPENSSL	libPthread:/apex/com.android.runtime/lib64/bionic/libc.so
tls_2023/11/16 01:06:23 EBPFProbeOPENSSL	Hook masterKey function:SSL_in_init
tls_2023/11/16 01:06:23 EBPFProbeOPENSSL	target all process.
tls_2023/11/16 01:06:23 EBPFProbeOPENSSL	target UID:10253
tls_2023/11/16 01:06:23 EBPFProbeOPENSSL	BPF bytecode filename:user/bytecode/boringssl_a_13_kern.o
tls_2023/11/16 01:06:23 EBPFProbeOPENSSL	module started successfully.
tls_2023/11/16 01:06:23 ECAPTURE :: 	start 1 modules

测试请求https://www.baidu.com输出的是乱码，如下

To Reproduce
Steps to reproduce the behavior:

下载ecapture-v0.6.5-android_core-aarch64 版本
push到手机内adb push ecapture /data/local/tmp
执行tls进行查看
app请求https后就会看到错误

Expected behavior
希望能输出明文信息。

Screenshots
If applicable, add screenshots to help explain your problem.

Linux Server/Android (please complete the following information):

Env: [run make env to get the environment variables]
OS: Android
Arch: aarch64
Kernel Version:
Linux localhost 5.10.149-android13-4-00003-gebdbc9fbe2e2-ab9664856 5.10.101 not support #1 SMP PREEMPT Mon Feb 27 10:44:09 UTC 2023 aarch64 Toybox
Version: Android13

Additional context

The text was updated successfully, but these errors were encountered:

cfc4n · 2023-11-16T10:42:37Z

这个问题也不是“未输出明文信息”，理论上应该是你之前提到的“响应”没打印出来的问题。

不过，你这里的截图，却看到了响应。这让我很困惑，bug到底存在不存在呢？

晚点我测试一下，感谢反馈。

cfc4n · 2023-11-18T08:08:01Z

如 #419 提到的一样，将会在 #386 里修复。

gitlsl · 2023-12-13T00:59:20Z

看你关闭了#386 , 现在http返回gzip/br压缩是很常见的情况, 可否增加一个参数控制自动解码?

cfc4n · 2023-12-13T11:05:20Z

你可以重新提一个issue，我考虑一下如何支持吧。

BiteFoo changed the title ~~V0.6.5版本输出https流量未输出明文信息~~ V0.6.5版本https流量未输出明文信息 Nov 16, 2023

BiteFoo added a commit to BiteFoo/ecapture that referenced this issue Nov 16, 2023

fix: bug gojue#415

1708b37

cfc4n mentioned this issue Nov 16, 2023

修复tls输出乱码问题 #419

Closed

cfc4n closed this as completed Nov 18, 2023

cfc4n added 🐞 bug Something isn't working question Further information is requested labels Nov 18, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

V0.6.5版本https流量未输出明文信息 #415

V0.6.5版本https流量未输出明文信息 #415

BiteFoo commented Nov 16, 2023

cfc4n commented Nov 16, 2023

cfc4n commented Nov 18, 2023

gitlsl commented Dec 13, 2023

cfc4n commented Dec 13, 2023

V0.6.5版本https流量未输出明文信息 #415

V0.6.5版本https流量未输出明文信息 #415

Comments

BiteFoo commented Nov 16, 2023

cfc4n commented Nov 16, 2023

cfc4n commented Nov 18, 2023

gitlsl commented Dec 13, 2023

cfc4n commented Dec 13, 2023