Closed mpeck12 closed 4 months ago
When spawn and full capture are enabled, pcap.PCAP is called twice, starting tcpdump twice.
Example:
./friTap.py -m -f -k keylog -p 12.pcap -s com.package [*] capturing whole traffic of target app [*] doing full capture on Android tcpdump: data link type LINUX_SLL2 tcpdump: listening on any, link-type LINUX_SLL2 (Linux cooked v2), snapshot length 262144 bytes [*] capturing whole traffic of target app [*] doing full capture on Android tcpdump: data link type LINUX_SLL2 tcpdump: listening on any, link-type LINUX_SLL2 (Linux cooked v2), snapshot length 262144 bytes [*] Running Script on Android
I fixed it like this, but not sure if this is the right logic:
diff --git a/friTap/friTap.py b/friTap/friTap.py index 24f36d5..893892c 100644 --- a/friTap/friTap.py +++ b/friTap/friTap.py @@ -379,7 +379,7 @@ def ssl_log(app, pcap_name=None, verbose=False, spawn=False, keylog=False, enabl print(f'[*] friTap will continue after the named pipe is ready....\n') pcap_obj = pcap.PCAP(fifo_file,SSL_READ,SSL_WRITE,full_capture, mobile,debug_mode) - elif pcap_name: + elif pcap_name and (not(spawn) or not(full_capture)): pcap_obj = pcap.PCAP(pcap_name,SSL_READ,SSL_WRITE,full_capture, mobile,debug_mode)
Thx for reporting this issue :-)
Actually there was a logic bug there and should be resolved in the latest version (1.1.0.1).
If it still present reopen this issue.
When spawn and full capture are enabled, pcap.PCAP is called twice, starting tcpdump twice.
Example:
I fixed it like this, but not sure if this is the right logic: