Simple utlity for sniffing decrypted HTTP/HTTPS traffic on a jailbroken iOS device into an HAR format.

Last update: Dec 25, 2022

Overview

Description

iOS devices contain a hidden feature for sniffing decrypted HTTP/HTTPS traffic from all processes using the CFNetwork framework into an HAR format. To trigger this feature on a jailbroken device, you can simply place the correct configuration for com.apple.CFNetwork and trigger the com.apple.CFNetwork.har-capture-update notification.

Since this capture triggers syslog lines, which can be associated with their producing image name and pid, we can also connect each request-response to their corresponding process and the image name which triggered it.

This project is just a simple utility for using this feature.

How to use

If you would like to build yourself using Theos, simply use make package.

I've already supplied with all the necessary binaries, so you don't have to. You can just install the .deb file found in the packages subdirectory, or use the compiled bin/harlogger.

After deploy, simply run on the remote device:

# trigger monitor HTTP/HTTPS traffic for the next 120 seconds
harlogger 120

# or just trigger for infinity
harlogger --infinite

Now you can just run locally:

./remote_har_listener.py -o out.har

When hitting the Ctrl+C, the script should exit and dump all captured entries into given output file, if any.

The output should look like:

Coursework project for DIP class. The goal is to use vision to guide the Dashgo robot through two traffic cones in bright color.

3 Oct 24, 2022

Traffic flow test platform, especially for reinforcement learning

Traffic Flow Test Platform Traffic flow test platform, especially for reinforcement learning, named TFTP. A traffic signal control framework that can

4 Nov 7, 2022

tidevice can be used to communicate with iPhone device

h 该工具能够用于与iOS设备进行通信, 提供以下功能截图获取手机信息 ipa包的安装和卸载根据bundleID 启动和停止应用列出安装应用信息模拟Xcode运行XCTest，常用的如启动WebDriverAgent测试

1.8k Dec 30, 2022

AndroidEnv is a Python library that exposes an Android device as a Reinforcement Learning (RL) environment.

814 Dec 26, 2022

An AI-powered device to stop people from stealing my packages.

Package Theft Prevention Device An AI-powered device to stop people from stealing my packages. Installation To install on a raspberry pi, clone the re

157 Nov 24, 2022

Easily map device and application controls to a midi controller

pymidicontroller Introduction Easily map device and application controls to a midi controller

24 May 16, 2022

This application demonstrates IoTVAS device discovery and security assessment API integration with the Rapid7 InsightVM.

Introduction This repository hosts a sample application that demonstrates integrating Firmalyzer's IoTVAS API with the Rapid7 InsightVM platform. This

4 Nov 9, 2022

Script for resizing MTD partitions on a QNAP device in order to be available to upgrade from buster to bullseye

QNAP partitions resize for kirkwood devices. As explained by Marin Michlmayr, Debian bullseye support on kirkwood QNAP devices was dropped due to [mai

26 Jan 5, 2023

CDM Device Checker for python

79 Dec 14, 2022

Comments

[Question] - jb required to sniff or only to install CFNetwork plist file?

It was not clear to me, so, is the jb needed also to start sniffing or it is just required to setup harlogger (install the plist file and/or adjust target process)? Thanks!

opened by iam-theKid 3
which python version should we use for best out come?

[email protected] harlogger-master % ./remote_har_listener.py -o output.har Traceback (most recent call last): File "/Users/prime/Downloads/harlogger-master/harlogger-master/./remote_har_listener.py", line 151, in main() File "/Library/Frameworks/Python.framework/Versions/3.9/lib/python3.9/site-packages/click/core.py", line 829, in call return self.main(*args, **kwargs) File "/Library/Frameworks/Python.framework/Versions/3.9/lib/python3.9/site-packages/click/core.py", line 782, in main rv = self.invoke(ctx) File "/Library/Frameworks/Python.framework/Versions/3.9/lib/python3.9/site-packages/click/core.py", line 1066, in invoke return ctx.invoke(self.callback, **ctx.params) File "/Library/Frameworks/Python.framework/Versions/3.9/lib/python3.9/site-packages/click/core.py", line 610, in invoke return callback(*args, **kwargs) File "/Users/prime/Downloads/harlogger-master/harlogger-master/./remote_har_listener.py", line 109, in main assert line == b'[connected]' AssertionError

opened by zerishpho 3

Releases(v2.1.2)

v2.1.2(Sep 18, 2022)
What's Changed

d4704489eaad08138af6da16445c92937edb386b fix support for pymobiledevice3>=1.29.1 (@doronz88)

Full Changelog: https://github.com/doronz88/harlogger/compare/v2.1.1...v2.1.2
Source code(tar.gz)
Source code(zip)
v2.1.1(Jun 29, 2022)
What's Changed

ac04c5f933f1cef83f9f187b1dc129f47248c35b setup: remove package_data to allow global installs (@doronz88)

Full Changelog: https://github.com/doronz88/harlogger/compare/v2.1.0...v2.1.1
Source code(tar.gz)
Source code(zip)
v2.1.0(Oct 28, 2021)
Changelog

b371ab9b57d2263353be241cecb1ddfcf5c2536e preference mode: add process name filter (@doronz88)

f2da1d4b7e32b982c6244b3b7d5bf592ebe673ce bump version to 2.1.0 (@doronz88)

Full Changelog: https://github.com/doronz88/harlogger/compare/v2.0.0...v2.1.0
Source code(tar.gz)
Source code(zip)
v2.0.0(Oct 21, 2021)

First release as a python package!
Source code(tar.gz)
Source code(zip)

Owner

GitHub Repository

通过简单的卷积神经网络直接预测出验证码图片中滑块的位置

使用说明 1. 在本地测试运行python3 prdict_one.py即可，默认需要预测的图片路径位于testImg文件夹下的test1.png 运行python3 predict_folder.py预测testImg下的所有图片 2. 部署到服务器运行python3 run_a_server

12 Mar 08, 2022

A small script I made that takes any standard Decklist of magic the gathering cards and pulls all card images from scryfall at once!

15 Aug 26, 2022

This script can be used to get unlimited Gb for WARP.

Warp-Unlimited-GB This script can be used to get unlimited Gb for WARP. How to use Change the value of the 'referrer' to warp id of yours You can down

1 Feb 14, 2022

Python implementation of Newton's Fractal

Newton's Fractal Animates Newton's fractal between two polynomials of the same order. Inspired by this video by 3Blue1Brown. Example fractals can be f

10 Aug 04, 2022

Import modules and files straight from URLs.

Import Python code from modules straight from the internet.

2 Jan 15, 2022

Data Poisoning based on Adversarial Attacks using Non-Robust Features

Data Poisoning based on Adversarial Attacks using Non-Robust Features Usage python main.py [-h] [--gpu | -g GPU] [--eps |-e EPSILON] [--pert | -p PER

1 Nov 02, 2021

MobaXterm-GenKey

MobaXterm-GenKey 你懂的！！本地启动需要安装Python3!!!

328 Dec 29, 2022

Academic planner application designed for students and counselors.

2 Dec 31, 2021

The program converts Swiss notes into American notes

Informatik-Programmieren Einleitung: Das Programm rechnet Schweizer Noten in das Amerikanische Noten um. Der Benutzer kann seine Note eingeben und der

2 Dec 16, 2021

Цифрова збрoя проти xуйлoвської пропаганди.

Паляниця Цифрова зброя проти xуйлoвської пропаганди. Щоб негайно почати шкварити рашистські сайти – мерщій у швидкий старт! ⚡️ А коли ворожі сервери в

8 Mar 22, 2022

Convex Optimisation MVA course - Assignment

Convex Optimisation MVA course - Assignment This repository contains the coding files of the third assignment in the MVA Convex Optimisation course. U

1 Nov 27, 2021

A redesign of our previous Python World Cup, aiming to simulate the 2022 World Cup all the way from the qualifiers

A redesign of our previous Python World Cup, aiming to simulate the 2022 World Cup all the way from the qualifiers. This new version is designed to be more compact and more efficient and will reflect

1 Jan 07, 2022

Translation patch for Hololive ERROR

Translation patch for Hololive ERROR How do I install the patch? Grab the Translation.zip file for the latest version from the releases page, and unzi

18 Jul 20, 2022

Ontario-Covid-Screening - An automated Covid-19 School Screening Tool for Ontario

Ontario-Covid19-Screening An automated Covid-19 School Screening Tool for Ontari

0 Feb 20, 2022

Prometheus exporter for chess.com player data

chess-exporter Prometheus exporter for chess.com player data implemented via chess.com's published data API and Prometheus Python Client Example use c

7 Feb 28, 2022

Bootcamp de Introducción a la Programación. Módulo 6: Matemáticas Discretas

Módulo 6: Matemáticas Discretas Última actualización: 12 de marzo Irónicamente, las matemáticas discretas son las matemáticas que lo cuentan todo. Si

34 Sep 29, 2022

Thumbor-bootcamp - learning and contribution experience with ❤️ and 🤗 from the thumbor team

9 Jul 11, 2022

Custom component to calculate estimated power consumption of lights and other appliances

Custom component to calculate estimated power consumption of lights and other appliances. Provides easy configuration to get virtual power consumption sensors in Home Assistant for all your devices w

552 Dec 28, 2022

0CD - BinaryNinja plugin to introduce some quality of life utilities for obsessive compulsive CTF enthusiasts

0CD Author: b0bb Quality of life utilities for obsessive compulsive CTF enthusia

12 Sep 14, 2022

Get the stats of a (or more) Hypixel player(s)

Hypixel_Stats Get the statistics of a (or more) Hypixel player(s) Who needs this? Everyone who plays a lot of Minecraft and often plays on mc.hypixel.

1 Feb 12, 2022