Simple utlity for sniffing decrypted HTTP/HTTPS traffic on a jailbroken iOS device into an HAR format.

Last update: Dec 25, 2022

Overview

Description

iOS devices contain a hidden feature for sniffing decrypted HTTP/HTTPS traffic from all processes using the CFNetwork framework into an HAR format. To trigger this feature on a jailbroken device, you can simply place the correct configuration for com.apple.CFNetwork and trigger the com.apple.CFNetwork.har-capture-update notification.

Since this capture triggers syslog lines, which can be associated with their producing image name and pid, we can also connect each request-response to their corresponding process and the image name which triggered it.

This project is just a simple utility for using this feature.

How to use

If you would like to build yourself using Theos, simply use make package.

I've already supplied with all the necessary binaries, so you don't have to. You can just install the .deb file found in the packages subdirectory, or use the compiled bin/harlogger.

After deploy, simply run on the remote device:

# trigger monitor HTTP/HTTPS traffic for the next 120 seconds
harlogger 120

# or just trigger for infinity
harlogger --infinite

Now you can just run locally:

./remote_har_listener.py -o out.har

When hitting the Ctrl+C, the script should exit and dump all captured entries into given output file, if any.

The output should look like:

Coursework project for DIP class. The goal is to use vision to guide the Dashgo robot through two traffic cones in bright color.

3 Oct 24, 2022

Traffic flow test platform, especially for reinforcement learning

Traffic Flow Test Platform Traffic flow test platform, especially for reinforcement learning, named TFTP. A traffic signal control framework that can

4 Nov 7, 2022

tidevice can be used to communicate with iPhone device

h 该工具能够用于与iOS设备进行通信, 提供以下功能截图获取手机信息 ipa包的安装和卸载根据bundleID 启动和停止应用列出安装应用信息模拟Xcode运行XCTest，常用的如启动WebDriverAgent测试

1.8k Dec 30, 2022

AndroidEnv is a Python library that exposes an Android device as a Reinforcement Learning (RL) environment.

814 Dec 26, 2022

An AI-powered device to stop people from stealing my packages.

Package Theft Prevention Device An AI-powered device to stop people from stealing my packages. Installation To install on a raspberry pi, clone the re

157 Nov 24, 2022

Easily map device and application controls to a midi controller

pymidicontroller Introduction Easily map device and application controls to a midi controller

24 May 16, 2022

This application demonstrates IoTVAS device discovery and security assessment API integration with the Rapid7 InsightVM.

Introduction This repository hosts a sample application that demonstrates integrating Firmalyzer's IoTVAS API with the Rapid7 InsightVM platform. This

4 Nov 9, 2022

Script for resizing MTD partitions on a QNAP device in order to be available to upgrade from buster to bullseye

QNAP partitions resize for kirkwood devices. As explained by Marin Michlmayr, Debian bullseye support on kirkwood QNAP devices was dropped due to [mai

26 Jan 5, 2023

CDM Device Checker for python

79 Dec 14, 2022

Comments

[Question] - jb required to sniff or only to install CFNetwork plist file?

It was not clear to me, so, is the jb needed also to start sniffing or it is just required to setup harlogger (install the plist file and/or adjust target process)? Thanks!

opened by iam-theKid 3
which python version should we use for best out come?

[email protected] harlogger-master % ./remote_har_listener.py -o output.har Traceback (most recent call last): File "/Users/prime/Downloads/harlogger-master/harlogger-master/./remote_har_listener.py", line 151, in main() File "/Library/Frameworks/Python.framework/Versions/3.9/lib/python3.9/site-packages/click/core.py", line 829, in call return self.main(*args, **kwargs) File "/Library/Frameworks/Python.framework/Versions/3.9/lib/python3.9/site-packages/click/core.py", line 782, in main rv = self.invoke(ctx) File "/Library/Frameworks/Python.framework/Versions/3.9/lib/python3.9/site-packages/click/core.py", line 1066, in invoke return ctx.invoke(self.callback, **ctx.params) File "/Library/Frameworks/Python.framework/Versions/3.9/lib/python3.9/site-packages/click/core.py", line 610, in invoke return callback(*args, **kwargs) File "/Users/prime/Downloads/harlogger-master/harlogger-master/./remote_har_listener.py", line 109, in main assert line == b'[connected]' AssertionError

opened by zerishpho 3

Releases(v2.1.2)

v2.1.2(Sep 18, 2022)
What's Changed

d4704489eaad08138af6da16445c92937edb386b fix support for pymobiledevice3>=1.29.1 (@doronz88)

Full Changelog: https://github.com/doronz88/harlogger/compare/v2.1.1...v2.1.2
Source code(tar.gz)
Source code(zip)
v2.1.1(Jun 29, 2022)
What's Changed

ac04c5f933f1cef83f9f187b1dc129f47248c35b setup: remove package_data to allow global installs (@doronz88)

Full Changelog: https://github.com/doronz88/harlogger/compare/v2.1.0...v2.1.1
Source code(tar.gz)
Source code(zip)
v2.1.0(Oct 28, 2021)
Changelog

b371ab9b57d2263353be241cecb1ddfcf5c2536e preference mode: add process name filter (@doronz88)

f2da1d4b7e32b982c6244b3b7d5bf592ebe673ce bump version to 2.1.0 (@doronz88)

Full Changelog: https://github.com/doronz88/harlogger/compare/v2.0.0...v2.1.0
Source code(tar.gz)
Source code(zip)
v2.0.0(Oct 21, 2021)

First release as a python package!
Source code(tar.gz)
Source code(zip)

Owner

GitHub Repository

Age of Empires II recorded game parsing and summarization in Python 3.

mgz Age of Empires II recorded game parsing and summarization in Python 3. Supported Versions Age of Kings (.mgl) The Conquerors (.mgx) Userpatch 1.4

148 Dec 11, 2022

使用京东cookie一键生成所有退会链接

JDMemberCloseLinks 本项目旨在使用京东cookie一键生成所有退会链接

68 Jun 10, 2022

Datargsing is a data management and manipulation Python library

Datargsing What is It? Datargsing is a data management and manipulation Python library which is currently in deving Why this library is good? This Pyt

10 Oct 24, 2022

🤖️ Plugin for Sentry which allows sending notification via DingTalk robot.

Sentry DingTalk Sentry 集成钉钉机器人通知 Requirments sentry = 21.5.1 特性发送异常通知到钉钉支持钉钉机器人webhook设置关键字配置环境变量 DINGTALK_WEBHOOK: Optional(string) DINGTALK_CUST

1 Nov 04, 2021

Exactly what it sounds like, which is something rad

EyeWitnessTheFitness External recon got ya down? That scan prevention system preventing you from enumerating web pages? Well look no further, I have t

18 Dec 31, 2022

basic tool for NFT. let's spam, this is the easiest way to generate a hell lotta image

NFT generator this is the easiest way to generate a hell lotta image buckle up and follow me! how to first have your image in .png (transparent backgr

34 Nov 18, 2022

GitHub Actions Version Updater Updates All GitHub Action Versions in a Repository and Creates a Pull Request with the Changes.

GitHub Actions Version Updater GitHub Actions Version Updater is GitHub Action that is used to update other GitHub Actions in a Repository and create

42 Dec 22, 2022

token vesting escrow with cliff and clawback

Yearn Vesting Escrow A modified version of Curve Vesting Escrow contracts with added functionality: An escrow can have a start_date in the past.

62 Dec 08, 2022

TurtleBot Control App - TurtleBot Control App With Python

TURTLEBOT CONTROL APP INDEX: 1. Introduction 2. Environments 2.1. Simulated Envi

4 Aug 03, 2022

Ellipitical Curve Table Generator

Ellipitical-Curve-Table-Generator This script generates a table of elliptical po

1 Jan 02, 2022

It is a Blender Tool which can convert the Object Data Attributes in face corner to the UVs or Vertex Color.

Blender_ObjectDataAttributesConvertTool It is a Blender Tool which can convert the Object Data Attributes in face corner to the UVs or Vertex Color. D

2 Jan 08, 2022

Simple but maybe too simple config management through python data classes. We use it for machine learning.

👩‍✈️ Coqpit Simple, light-weight and no dependency config handling through python data classes with to/from JSON serialization/deserialization. Curre

67 Nov 29, 2022

IPython: Productive Interactive Computing

IPython: Productive Interactive Computing Overview Welcome to IPython. Our full documentation is available on ipython.readthedocs.io and contains info

15.6k Dec 31, 2022

An electron application to check battery of bluetooth devices connected to linux devices.

bluetooth-battery-electron An electron application to check battery of bluetooth devices connected to linux devices. This project provides an electron

15 Dec 03, 2022

OpenTracing API for Python

OpenTracing API for Python This library is a Python platform API for OpenTracing. Required Reading In order to understand the Python platform API, one

767 Dec 16, 2022

Provide error messages for Python exceptions, even if the original message is empty

errortext is a Python package to provide error messages for Python exceptions, even if the original message is empty.

0 Dec 07, 2021

ICEtool - ICEtool plugin for QGIS

ICEtool ICEtool is an all in one QGIS plugin to easily compute ground temperatur

13 Dec 16, 2022

An awesome list of AI for art and design - resources, and popular datasets and how we may apply computer vision tasks to art and design.

Awesome AI for Art & Design An awesome list of AI for art and design - resources, and popular datasets and how we may apply computer vision tasks to a

20 Dec 21, 2022

Encode and decode cancro lang files to and from brainfuck

cancrolang Encode and decode cancro lang files to and from brainfuck. examples python3 main.py -f hello.cancro --run Hello World! the interpreter is n

1 Dec 20, 2021

kodi addon 115网盘

plugin.video.115 kodi addon 115网盘插件,需要kodi 18以上版本，原码播放需配合 https://github.com/feelfar/115proxy-for-kodi 使用安装 HEAD 由于release包尚未释出，可直接下载源代码zip包

109 Dec 29, 2022