Closed baltpeter closed 2 months ago
I'm running in a live environment. Some first observations:
plugdev group by default.
openssl comes preinstalled.
To install Node:
sudo apt update
sudo apt install nodejs yarnpkg
That gave me Node 18.13.0. Great, no PPAs needed!
Then, I installed CLI using (because the andromatic changes aren't released yet):
yarnpkg global add ./tweasel-cli-v0.1.0.tgz
That failed with:
The virtual environment was not created successfully because ensurepip is not
available. On Debian/Ubuntu systems, you need to install the python3-venv
package using the following command:
apt install python3.11-venv
So, I did that:
sudo apt install python3.11-venv
Then, it worked.
But unfortunately, yarn's bin path is not part of $PATH by default. So, I tried npm instead:
sudo apt install npm
sudo npm i -g ./tweasel-cli-v0.1.0.tgz
With that, I could run tweasel without updating the $PATH.
Then, I ran tweasel autocomplete and followed the instructions to set up autocomplete in the shell (zsh).
I plugged in a phone and downloaded an XAPK from APKPure and an APKM from APKMirror (isn't that convenient? :D).
I ran:
tweasel record-traffic app.xapk --bypass-tracking-domain-resolution-check
The phone prompted me to accept the USB debugging connection, which I did, opting to always trust the computer.
After a while, the command failed with "Could not start analysis with invalid app". Seems like we do need some more work for XAPK support in CLI.
Same thing with the APKM. Actually, I just remembered that I already created an issue for that (https://github.com/tweaselORG/appstraction/issues/67). :D
Well, I'll use a regular APK for now.
With an AliExpress APK, it worked just fine and produced a 17MB HAR file that I was able to open in the Firefox dev tools without issues. Notably, I didn't install any udev rules and android-sdk-platform-tools-common wasn't installed by default, either. Might just be the particular device I used, though.
Running tweasel detect-tracking on the app produced no results. But I had PiHole activated and rejected the consent dialog, so that's to be expected.
With PiHole disabled, we do get a few requests to facebook/graph-activites-qs (despite the still rejected consent dialog, of course). :D
Ugh. I wanted to test iOS support but my jailbreaking setup has suddenly broken. Great.
Huh. It only worked without the sudo systemctl stop usbmuxd && sudo usbmuxd -f -p. With that, the bundled libimobiledevice would never recognize the device. shrug
We've been asked to do a session on how to use CLI on Kali Linux. So, I've downloaded a Kali 2023.1 ISO and am going to document my steps and whether I run into any issues.