how to use #1

Open
yattamax opened this Issue Sep 3, 2017 · 3 comments


yattamax commented Sep 3, 2017

Hi jhford :)

I found this project here:
nodejs/node#2363

This project could be very useful for my local project based on "electron" (https://electron.atom.io/), but I don't understand very well how to integrate it :(

Can you give an example based on your experience?
(I'm not asking you to help me integrate this into my project, only how you normally use it)
:)

Many thanks
Max

forestjohnsonpeoplenet commented Nov 2, 2018

I don't think it works (at least for my use case)

This was a script I wrote to patch this code into the yarn command line tool. But it doesn't work for me. Based on the comments on the original thread I don't think this method works at all.

yarnshark.sh

```bash
#!/bin/bash

# Directory that holds the real yarn.js (resolving the symlink found on PATH).
YARN_RUNTIME_LOCATION="$(dirname "$(readlink -f "$(which yarn)")")"

# Download the key logger module next to yarn.js if it is not already there.
if [ ! -f "$YARN_RUNTIME_LOCATION/sslkeylogger.js" ]; then
  curl -s "https://raw.githubusercontent.com/forestjohnsonpeoplenet/node-https-wireshark/master/index.js" > "$YARN_RUNTIME_LOCATION/sslkeylogger.js"
fi

# Back up yarn.js so it can be restored after the run.
cp "$YARN_RUNTIME_LOCATION/yarn.js" "$YARN_RUNTIME_LOCATION/yarn.js.bak"

# Injection point: the line just before the first "var cli = require" line.
YARN_CLI_LINE_NUMBER="$(grep -n -e "^ *var cli = require" "$YARN_RUNTIME_LOCATION/yarn.js" | head -n 1 | sed "s/\\([0-9][0-9]*\\):.*/\\1/")"
YARN_CLI_LINE_NUMBER=$((YARN_CLI_LINE_NUMBER - 1))

FIRST_HALF=$(head -n "$YARN_CLI_LINE_NUMBER" "$YARN_RUNTIME_LOCATION/yarn.js")
LAST_HALF=$(tail -n "+$((YARN_CLI_LINE_NUMBER + 1))" "$YARN_RUNTIME_LOCATION/yarn.js")

# Rewrite yarn.js with the require() of the key logger spliced in.
echo "$FIRST_HALF" > "$YARN_RUNTIME_LOCATION/yarn.js"
echo "require(\"./sslkeylogger\")" >> "$YARN_RUNTIME_LOCATION/yarn.js"
echo "console.log(\"This yarn is logging HTTPS session keys using https://github.com/forestjohnsonpeoplenet/node-https-wireshark\")" >> "$YARN_RUNTIME_LOCATION/yarn.js"
echo "$LAST_HALF" >> "$YARN_RUNTIME_LOCATION/yarn.js"

#echo "$YARN_RUNTIME_LOCATION/yarn.js"
#cat "$YARN_RUNTIME_LOCATION/yarn.js"

# Capture all traffic in the background while yarn runs.
tcpdump -i any -s 65535 -w yarn.pcap &
TCPDUMP_PID=$!

# Run yarn with the caller's arguments; session keys go to ./SSLKEYLOG.
SSLKEYLOGFILE="$(pwd)/SSLKEYLOG" yarn "$@"

kill "$TCPDUMP_PID"

# Remove the injected module and restore the original yarn.js.
rm "$YARN_RUNTIME_LOCATION/sslkeylogger.js"
rm "$YARN_RUNTIME_LOCATION/yarn.js"
mv "$YARN_RUNTIME_LOCATION/yarn.js.bak" "$YARN_RUNTIME_LOCATION/yarn.js"
```
forestjohnsonpeoplenet commented Nov 2, 2018

AHAH! never mind! I actually got it to work!

The last thing I was missing: there was a space missing in the format written to the SSLKEYLOG file in between the session key and the master secret. After adding that space there, Wireshark parses it just fine.

If you want a working example check out my above yarnshark.sh Shell Script file (shows how to inject this into an existing node app) and my fork of this repo: https://github.com/forestjohnsonpeoplenet/node-https-wireshark
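
The missing-space problem described in the comment above can be caught before the file ever reaches Wireshark. The following is an added example, not code from this thread or from the project: a small Node.js linter for key log lines. It assumes the TLS 1.2-era line shapes that Wireshark reads (`CLIENT_RANDOM`, `RSA`, and `RSA Session-ID:... Master-Key:...`); which of these the project writes is not stated on this page, and the name `lintKeyLog` and all sample values are constructed for illustration.

```javascript
'use strict';
// Added example: lint SSLKEYLOGFILE lines before loading them into Wireshark.
const H = '[0-9a-fA-F]';

// Line shapes assumed here (TLS 1.2 and earlier); fields are single-space separated.
const FORMATS = [
  { name: 'CLIENT_RANDOM', re: new RegExp(`^CLIENT_RANDOM ${H}{64} ${H}{96}$`) },
  { name: 'RSA Session-ID', re: new RegExp(`^RSA Session-ID:${H}+ Master-Key:${H}{96}$`) },
  { name: 'RSA', re: new RegExp(`^RSA ${H}{16} ${H}{96}$`) },
];

// The same shapes with the separator before the 48-byte master secret dropped.
const FUSED = [
  new RegExp(`^CLIENT_RANDOM ${H}{160}$`),
  new RegExp(`^RSA Session-ID:${H}+Master-Key:${H}{96}$`),
  new RegExp(`^RSA ${H}{112}$`),
];

// Returns one finding per non-comment line; findings carry line numbers only,
// never the key material itself.
function lintKeyLog(text) {
  const findings = [];
  text.split(/\r?\n/).forEach((line, i) => {
    if (line === '' || line.startsWith('#')) return; // blank lines and comments
    const lineNo = i + 1;
    const fmt = FORMATS.find((f) => f.re.test(line));
    if (fmt) findings.push({ lineNo, status: 'ok', format: fmt.name });
    else if (FUSED.some((re) => re.test(line))) findings.push({ lineNo, status: 'missing-space' });
    else findings.push({ lineNo, status: 'unrecognized' });
  });
  return findings;
}

// Constructed sample values, not real key material.
const random = 'ab'.repeat(32);    // 32-byte client random
const master = 'cd'.repeat(48);    // 48-byte master secret
const sessionId = 'ef'.repeat(32); // 32-byte session ID
const SAMPLE = [
  '# constructed key log',
  `CLIENT_RANDOM ${random} ${master}`,
  `CLIENT_RANDOM ${random}${master}`,              // separator missing
  `RSA Session-ID:${sessionId} Master-Key:${master}`,
  `RSA Session-ID:${sessionId}Master-Key:${master}`, // separator missing
].join('\n');

for (const f of lintKeyLog(SAMPLE)) console.log(f);
```
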

forestjohnsonpeoplenet commented Nov 2, 2018

Keep in mind this will only work for node apps that do require('https'); ... https.request(....)
