search

tweaselORG / cyanoacrylate

Toolkit for large-scale automated traffic analysis of mobile apps on Android and iOS.
MIT License
5 stars 1 forks source link

Can't start traffic collection with v0.1.0 #12

Closed baltpeter closed 1 year ago

baltpeter commented 1 year ago

I just did yarn add cyanoacrylate and then ran the example from the README:

import { pause, startAnalysis } from 'cyanoacrylate';

(async () => {
    console.log(1);
    const analysis = startAnalysis({
        platform: 'android',
        runTarget: 'device',
        capabilities: [],
    });
    console.log(2, analysis);

    const app = ['/home/benni/Downloads/single-apks/de.tk.tkapp_168_apps.evozi.com.apk'];

    // Start the emulator and ensure that everything is set up correctly.
    await analysis.ensureDevice();

    const appAnalysis = await analysis.startAppAnalysis(app);

    await appAnalysis.installApp();
    await appAnalysis.setAppPermissions();
    await appAnalysis.startTrafficCollection();
    await appAnalysis.startApp();

    // Pause to wait for the app to generate network traffic.
    await pause(6_000);

    await appAnalysis.stopTrafficCollection();
    const analysisResults = await appAnalysis.stop();
    console.dir(analysisResults, { depth: null });

    await analysis.stop();
})();

This gave me the following error:

/tmp/sfgdfgdfgfdfg/node_modules/cyanoacrylate/dist/index.js:214
                        if (e.name === "TimeoutError") throw new (0, $hgUW1$TimeoutError)("Starting mitmproxy failed after a timeout.");
                                                             ^

TimeoutError: Starting mitmproxy failed after a timeout.
    at <anonymous> (/tmp/sfgdfgdfgfdfg/node_modules/cyanoacrylate/dist/index.js:214:62)
    at Object.startTrafficCollection (/tmp/sfgdfgdfgfdfg/node_modules/cyanoacrylate/dist/index.js:198:21)
    at <anonymous> (/tmp/sfgdfgdfgfdfg/index.ts:19:5)

Node.js v18.15.0

Even though I got no output from yarn, a venv was created and it looks like mitmproxy was installed:

❯ ls -a node_modules/cyanoacrylate/.venv/bin
activate       flask          frida-create    frida-ls          frida-push   mitmdump    objection  pygmentize  python3.10
activate.csh   frida          frida-discover  frida-ls-devices  frida-rm     mitmproxy   pip        pysemver    sqlformat
activate.fish  frida-apk      frida-join      frida-ps          frida-trace  mitmweb     pip3       python      tabulate
Activate.ps1   frida-compile  frida-kill      frida-pull        litecli      normalizer  pip3.10    python3
baltpeter commented 1 year ago

Looks like the problem is with the addon paths, here's how mitmdump is being started:

spawnargs: [
    'mitmdump',
    '--mode',
    'wireguard',
    '-s',
    '/mitmproxy-addons/ipcEventsAddon.py',
    '-s',
    '/mitmproxy-addons/har_dump.py',
    '--set',
    'hardump=/tmp/eccc1a6e7038edc0866afb0b15bfc19b.har',
    '--set',
    'ipcPipeFd=3'
  ]
baltpeter commented 1 year ago

_dirname is /src.

baltpeter commented 1 year ago

In the bundle, const __dirname = dirname(fileURLToPath(import.meta.url)); was turned into const __dirname = (0, $hgUW1$dirname)((0, $hgUW1$fileURLToPath)("file:///src/index.ts"));.

baltpeter commented 1 year ago

That's by design, apparently: https://parceljs.org/languages/javascript/#import.meta

baltpeter commented 1 year ago

We'll just use https://www.npmjs.com/package/cross-dirname instead.