Metadata-Version: 2.1
Name: darwin-ssl-sniffer
Version: 0.0.3
Summary: Sniffer for encrypted traffic on darwin-based platforms
Author-email: netanelc305 <netanelc305@protonmail.com>, doronz88 <doron88@gmail.com>
Maintainer-email: netanelc305 <netanelc305@protonmail.com>, doronz88 <doron88@gmail.com>
Project-URL: Homepage, https://github.com/netanelc305/Darwin_SSL_sniffer
Project-URL: Bug Reports, https://github.com/netanelc305/Darwin_SSL_sniffer/issues
Keywords: ios,jailbreak,ssl,sniffer,tls,cli,automation,darwin,osx,macos
Classifier: Operating System :: iOS
Classifier: Operating System :: MacOS
Classifier: Development Status :: 5 - Production/Stable
Classifier: License :: OSI Approved :: GNU General Public License v3 or later (GPLv3+)
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.8
Classifier: Programming Language :: Python :: 3.9
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3 :: Only
Requires-Python: >=3.8
Description-Content-Type: text/markdown
Provides-Extra: test

# Description

**Utility for sniffing SSL/TLS encrypted traffic on a darwin-based platforms.**

`CFNetwork.framework` contains a debug/verbosity global, enforcing a dump of every packet transferred through it, to be
logged into device syslog in plaintext form. In order to have a nicer view with clean control flow of this traffic, we
attach each such packet appropriate TCP flags and write it back into a PCAP file.

This allows us to later dissect this traffic using popular and convenient tools (e.g. Wireshark 🦈).

On iOS, this will require a jailbroken iOS device.

# Installation

```shell
python3 -m pip install -U darwin-ssl-sniffer
```

# Usage

## Local macOS machine

Simply execute:

```shell
# output file can be given using the -o option (traffic.pcapng by default)
python3 -m darwin_ssl_sniffer sniff
```

## Jailbroken iOS device

- Download and install [`rpcserver`](https://rpc-project.readthedocs.io/en/latest/getting_started/installation.html) on
  a jailbroken device.
- Execute:
  ```shell
  python3 -m darwin_ssl_sniffer mobile setup -p 5910
  ```
  This step should be performed only once on the device. The first time will require a device reboot (you will be
  prompted to if this is indeed the first time).
- Execute:
  ```shell
  # output file can be given using the -o option (traffic.pcapng by default)
  python3 -m darwin_ssl_sniffer mobile sniff
  ```





