Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

浏览器抓包 #14

Closed
dadaewqq opened this issue Dec 3, 2020 · 3 comments
Closed

浏览器抓包 #14

dadaewqq opened this issue Dec 3, 2020 · 3 comments

Comments

@dadaewqq
Copy link

dadaewqq commented Dec 3, 2020

问候

你好呀!

现象

刚开始抓的一般app没发现问题。
不过后来试着抓浏览器的包,试了好几个浏览器都发现没有抓下东西

疑惑

个人猜想不是因为包名选的是浏览器,但是浏览网页时的流量是通过webview的,所以抓不到?

@r0ysue
Copy link
Owner

r0ysue commented Dec 4, 2020

捕获
从nethogs确定的进程来看,收发包一定在这个进程中。
捕获2
从对该进程trace Socket的结果来看,确实走的是conscrypt.ConscryptFileDescriptorSocket$SSLInputStream.read和ConscryptFileDescriptorSocket$SSLOutputStream.write,理论上是可以抓到的才对。。。今天没时间分析了,回头再仔细分析下(咕咕咕

@r0ysue r0ysue closed this as completed Dec 4, 2020
@r0ysue
Copy link
Owner

r0ysue commented Dec 4, 2020

有兴趣加我vx,我们一起研究。

@r0ysue
Copy link
Owner

r0ysue commented Dec 4, 2020

用DDMS来trace试了下,发现Java层是没有任何收发包的接口的。
猜想chromium是一套完整的跨平台C++写的内核,因为它横跨全PC/移动终端平台,所以Java层啥都没有,连SSL库都用的自己写的。所以得单独逆它才行,它完全没有走通用API。

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants