Open U039b opened 7 months ago
Proposed implementation: The entry point is a single command to be executed on the PiRogue. This command will:
Along with a reorganization of the PiRogue Debian packages, we are introducing a new package pirogue-evidence-collector creating the following entry points:
- pirogue-android to interact with an Android device and run commands on it.
- pirogue-file-drop to expose a web server allowing the user to upload files from their device to the PiRogue.
- pirogue-extract-metadata to extract metadata of a file and save it separately in [original file name].metadata.json.
- pirogue-timestamp to time stamp files by requesting a 3rd-party RFC3161 authority.
- pirogue-intercept-[gated|single] to instrument an Android application to analyze its network traffic.

We are planning to release this Debian package next month.
The primary challenge was to establish a mechanism for offline timestamp verification exclusively reliant upon OpenSSL.
The two commands responsible for intercepting TLS client randoms now utilize friTap. Given that friTap supports a broader range of TLS implementations compared to our initial implementation, we have decided to integrate friTap directly.
We have added the dynamic generation of hooks to the commands pirogue-intercept-[gated|single]. The different Frida hooks to be generated and injected are defined by the user in JSON format. This feature will be documented when the Debian package is released.
The release of the Debian package has been postponed; more testing has to be performed before its first release.
We are planning to document and release this Debian package next month.
None.
Users can take a watermarked capture or recording of their phone screen.
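
The offline, OpenSSL-only timestamp verification mentioned above can be sketched as follows. This is an added example, not PiRogue's code: the function names are hypothetical, and a throwaway local CA and TSA (constructed here) stand in for the third-party RFC 3161 authority so the script runs without network access.

```sh
#!/bin/sh
# Added example: RFC 3161 timestamp + offline verification using only OpenSSL.
set -eu

# Build a throwaway CA and TSA in directory $1 (constructed stand-in for the
# third-party authority; with a real TSA you only need its CA certificate).
demo_tsa_init() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 2 -subj "/CN=Demo CA" \
    -keyout "$1/ca.key" -out "$1/ca.pem" 2>/dev/null
  openssl req -newkey rsa:2048 -nodes -subj "/CN=Demo TSA" \
    -keyout "$1/tsa.key" -out "$1/tsa.csr" 2>/dev/null
  # A TSA certificate must carry a critical timeStamping extended key usage.
  printf 'extendedKeyUsage=critical,timeStamping\nkeyUsage=critical,digitalSignature\n' > "$1/ext.cnf"
  openssl x509 -req -in "$1/tsa.csr" -CA "$1/ca.pem" -CAkey "$1/ca.key" \
    -CAcreateserial -extfile "$1/ext.cnf" -days 2 -out "$1/tsa.pem" 2>/dev/null
  echo 01 > "$1/serial"
  cat > "$1/tsa.cnf" <<EOF
[demo_tsa]
serial = $1/serial
signer_cert = $1/tsa.pem
signer_key = $1/tsa.key
signer_digest = sha256
default_policy = 1.2.3.4.1
digests = sha256
EOF
}

# Hash file $2 into a query, have the demo TSA in $1 sign it, store $2.tsr.
timestamp_file() {
  openssl ts -query -data "$2" -sha256 -cert -out "$2.tsq" 2>/dev/null
  openssl ts -reply -config "$1/tsa.cnf" -section demo_tsa \
    -queryfile "$2.tsq" -out "$2.tsr" 2>/dev/null
}

# Offline check: needs only the file ($1), its reply ($2) and the CA cert ($3).
verify_offline() {
  openssl ts -verify -data "$1" -in "$2" -CAfile "$3" >/dev/null 2>&1
}

run_demo() {
  d=$(mktemp -d)
  echo "constructed sample evidence" > "$d/capture.txt"
  demo_tsa_init "$d"; timestamp_file "$d" "$d/capture.txt"
  verify_offline "$d/capture.txt" "$d/capture.txt.tsr" "$d/ca.pem" && echo "original: verification OK"
  echo "tampered" >> "$d/capture.txt"   # any change to the file breaks the token
  verify_offline "$d/capture.txt" "$d/capture.txt.tsr" "$d/ca.pem" || echo "modified: verification FAILED"
  rm -rf "$d"
}
run_demo
```

With a real authority, `demo_tsa_init` and the `-reply` step go away: the `.tsq` is submitted to the TSA, and the returned `.tsr` plus the authority's CA certificate are stored next to the evidence so that `verify_offline` can run later without network access.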