Capturing HTTPS traffic on Android with frida + tcpdump

Approach used: https://github.com/lasting-yang/frida_bypass_ssl_example

The idea: instead of proxying the app through a MITM (which means defeating certificate pinning first), Frida hooks the app's TLS library so it writes out the TLS session keys, tcpdump records the raw traffic on the phone, and Wireshark decrypts the capture offline with those keys. The traffic itself is never modified. Root on the phone is required for both frida-server and tcpdump.

Download tcpdump (a static 64-bit ARM build)
https://www.androidtcpdump.com/android-tcpdump/downloads64bit

adb push .\tcpdump /data/local/tmp

~ adb shell
OnePlus3:/ # su
OnePlus3:/ # cd /data/local/tmp
OnePlus3:/data/local/tmp # chmod +x tcpdump

Start frida-server on the phone (in the root shell). The frida-server version, 16.2.1 here, must match the frida Python package installed on the PC, or the client will refuse to attach.

OnePlus3:/data/local/tmp # ./frida-server-16.2.1-android-arm64

On the PC, run the key-logging script from the repo against the target app. It attaches Frida to the package and dumps the TLS session keys in the key log format Wireshark reads. Start it before the app opens the connections you care about and leave it running for the whole capture.

python sslkey_log.py packagename

Then start the capture on the phone, in the root shell. -U writes each packet out immediately rather than buffering, so the file is complete even if tcpdump is killed. Stop it with Ctrl-C when done.

/data/local/tmp/tcpdump -i any -U -w /data/local/tmp/test.pcap

Pull the capture to the PC and open it in Wireshark

adb pull /data/local/tmp/test.pcap test.pcap

Configure the preferences: Edit > Preferences > Protocols > TLS, and set "(Pre)-Master-Secret log filename" to the key log file that sslkey_log.py produced.

Filter on tls (or on http / http2 to see only the decrypted application data) and the decrypted HTTP traffic shows up. Two things have to hold for this to work: the capture must contain the TLS handshake of each session (start tcpdump before the app connects), and the key log must contain an entry for that session's client random. A session that was already open when tcpdump started, or whose keys the hook missed, stays encrypted no matter what preferences are set.
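The whole procedure above as one script, added here as an example; it is not code from the original post or from the frida_bypass_ssl_example repo. It assumes, as placeholders, that sslkey_log.py writes an NSS-format key log (the format Wireshark's TLS dissector reads), that tcpdump lives in /data/local/tmp on a rooted device as in the post, and that tshark (the Wireshark CLI) is installed on the PC. The offline part, which runs without a phone, checks the pulled key log: Wireshark silently skips lines it cannot parse, so a key log of malformed entries looks exactly like "decryption does not work", and counting usable sessions first saves a lot of guessing.

```shell
#!/bin/sh
# Added example (not from the original post or lasting-yang/frida_bypass_ssl_example).
# Assumptions: sslkey_log.py writes an NSS-format key log; tcpdump is in
# /data/local/tmp on a rooted device; tshark is installed on the host.
set -eu

DEV_DIR=/data/local/tmp   # where the post pushes tcpdump
PCAP=test.pcap            # capture file name used in the post

# Count well-formed NSS key-log lines in FILE and print "<good> <bad>".
# Format: <LABEL> <client_random: 32 bytes hex> <secret: 48 bytes for a
# TLS 1.2 master secret, 32 or 48 bytes for TLS 1.3 traffic secrets>.
keylog_stats() {
    good=0; bad=0
    while IFS= read -r line || [ -n "$line" ]; do
        case "$line" in ''|'#'*) continue ;; esac
        if printf '%s\n' "$line" | grep -Eq \
            '^(CLIENT_RANDOM|CLIENT_EARLY_TRAFFIC_SECRET|EARLY_EXPORTER_SECRET|CLIENT_HANDSHAKE_TRAFFIC_SECRET|SERVER_HANDSHAKE_TRAFFIC_SECRET|CLIENT_TRAFFIC_SECRET_0|SERVER_TRAFFIC_SECRET_0|EXPORTER_SECRET) [0-9a-fA-F]{64} ([0-9a-fA-F]{64}|[0-9a-fA-F]{96})$'
        then good=$((good + 1)); else bad=$((bad + 1)); fi
    done < "$1"
    echo "$good $bad"
}

# Number of distinct TLS sessions (client randoms) the key log can unlock.
keylog_sessions() {
    awk '$1 !~ /^#/ && NF == 3 && length($2) == 64 { print $2 }' "$1" \
        | sort -u | wc -l | tr -d ' '
}

# Constructed sample key log (not captured from a real app): two TLS 1.2
# sessions, one TLS 1.3 session (four labels, one client random) and one
# truncated line of the kind a crashed hook leaves behind.
write_sample_keylog() {
    cr1=$(printf '%064d' 0 | tr 0 1); ms1=$(printf '%096d' 0 | tr 0 a)
    cr2=$(printf '%064d' 0 | tr 0 2); ms2=$(printf '%096d' 0 | tr 0 b)
    cr3=$(printf '%064d' 0 | tr 0 3); ts3=$(printf '%064d' 0 | tr 0 c)
    {
        echo "# constructed sample written by write_sample_keylog"
        echo "CLIENT_RANDOM $cr1 $ms1"
        echo "CLIENT_RANDOM $cr2 $ms2"
        echo "CLIENT_HANDSHAKE_TRAFFIC_SECRET $cr3 $ts3"
        echo "SERVER_HANDSHAKE_TRAFFIC_SECRET $cr3 $ts3"
        echo "CLIENT_TRAFFIC_SECRET_0 $cr3 $ts3"
        echo "SERVER_TRAFFIC_SECRET_0 $cr3 $ts3"
        echo "CLIENT_RANDOM $cr1 deadbeef"   # secret too short: rejected
    } > "$1"
}

# Start tcpdump on the device BEFORE the app connects: Wireshark can only
# decrypt a session whose handshake is in the capture.
capture_start() {
    adb shell "su -c 'nohup $DEV_DIR/tcpdump -i any -U -w $DEV_DIR/$PCAP >/dev/null 2>&1 &'"
}

capture_stop_and_pull() {
    adb shell "su -c 'pkill tcpdump'" || true
    adb pull "$DEV_DIR/$PCAP" "$PCAP"
}

# Decrypt offline with tshark; tls.keylog_file is the same preference the
# Wireshark GUI sets under Protocols > TLS > "(Pre)-Master-Secret log filename".
decrypt_http() {   # decrypt_http test.pcap sslkey.log
    tshark -r "$1" -o "tls.keylog_file:$2" -Y 'http || http2'
}

main() {
    case "${1:-demo}" in
        demo)   # offline self-check on the constructed key log
            tmp=$(mktemp); write_sample_keylog "$tmp"
            echo "key log lines (good bad): $(keylog_stats "$tmp")"
            echo "decryptable sessions: $(keylog_sessions "$tmp")"
            rm -f "$tmp" ;;
        start)   capture_start ;;
        stop)    capture_stop_and_pull ;;
        decrypt) shift; decrypt_http "$@" ;;
    esac
}
main "$@"
```

With no arguments the script only runs the offline check on its constructed sample; `start` / `stop` drive tcpdump on the phone over adb (run sslkey_log.py in between), and `decrypt test.pcap <keylog>` shows the decrypted HTTP without opening the GUI. Run `keylog_stats` on the real key log before opening Wireshark: a second number greater than zero means the hook is emitting lines Wireshark will ignore.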


References

https://github.com/lasting-yang/frida_bypass_ssl_example
