安卓手机pixel6 pro 抓包app 报错:DumpResponse error
Qiaijueqing opened this issue · 10 comments
raven:/data/local/tmp #
./ecapture tls -m tex -l text6.log <
2024/02/26 15:05:14 Your environment is like a container. We won't be able to detect the BTF configuration.
2024/02/26 15:05:16 [http response] DumpResponse error: http: ContentLength=298 with Body length 372
2024/02/26 15:05:17 [http response] DumpResponse error: flate: corrupt input before offset 776
2024/02/26 15:05:17 [http response] DumpResponse error: http: ContentLength=69 with Body length 43
2024/02/26 15:05:18 [http response] DumpResponse error: invalid byte in chunk length
2024/02/26 15:05:20 [http response] DumpResponse error: flate: corrupt input before offset 4486
2024/02/26 15:05:21 DumpRequest error: unexpected EOF
2024/02/26 15:05:21 DumpRequest error: unexpected EOF
2024/02/26 15:05:22 [http response] DumpResponse error: invalid byte in chunk length
2024/02/26 15:05:22 [http response] DumpResponse error: unexpected EOF
2024/02/26 15:05:25 [http response] DumpResponse error: invalid byte in chunk length
./ecapture tls -m tex --hex -l text6.log 不会报错 但是只能输出hex最大为4096 实际为7820
./ecapture tls -m pcap -i wlan0 --pcapfile=ecapture.pcapng 报错如下
tls_2024/02/26 15:38:11 EBPFProbeOPENSSL TLS1_3_VERSION: save CLIENT_RANDOM a68b26078669f4bfbc265d2642e23a6e7dea94c75cca1788e763cfe1ee7c517b to file success, 1098 bytes
tls_2024/02/26 15:38:11 EBPFProbeOPENSSL master secret length is too long, truncate to 64 bytes, but it may cause keylog file error
tls_2024/02/26 15:38:11 EBPFProbeOPENSSL TLS1_3_VERSION: save CLIENT_RANDOM 2a2b89fb7155fbd9551b8127c226681d07f05c526f4497bd85e2cb214d545bd0 to file success, 1098 bytes
tls_2024/02/26 15:38:12 EBPFProbeOPENSSL master secret length is too long, truncate to 64 bytes, but it may cause keylog file error
tls_2024/02/26 15:38:12 EBPFProbeOPENSSL TLS1_3_VERSION: save CLIENT_RANDOM ab8d67bdf7730f65d4ce8cdbf1551353825ed253ba778a8ad6ba2791ac88826f to file success, 1098 bytes
tls_2024/02/26 15:38:13 EBPFProbeOPENSSL master secret length is too long, truncate to 64 bytes, but it may cause keylog file error
tls_2024/02/26 15:38:13 EBPFProbeOPENSSL TLS1_3_VERSION: save CLIENT_RANDOM 9815614f6a30d046a3b3b68fd0b8c9a67e18a1bab1d412fd1465f67ddd98961a to file success, 1098 bytes
tls_2024/02/26 15:38:13 EBPFProbeOPENSSL TLS1_3_VERSION: save CLIENT_RANDOM b3b29da7d9008fcf97445989bebcc2515c33dd5abb23a7c99f804bcbd710becc to file success, 858 bytes
tls_2024/02/26 15:38:13 EBPFProbeOPENSSL master secret length is too long, truncate to 64 bytes, but it may cause keylog file error
请补充详细信息。
测试的app是哪个? 操作顺序是什么?
应用为:https://apkcombo.com/gcash/com.globe.gcash.android/
ecapture版本:0.7.4
操作顺序为:
adb shell
su
cd /data/local/tmp/
./ecapture tls -m tex -l text6.log
启动app 登录 直到验证码过后输入密码部分
报错结果为:
2024/02/26 15:05:14 Your environment is like a container. We won't be able to detect the BTF configuration.
2024/02/26 15:05:16 [http response] DumpResponse error: http: ContentLength=298 with Body length 372
2024/02/26 15:05:17 [http response] DumpResponse error: flate: corrupt input before offset 776
2024/02/26 15:05:17 [http response] DumpResponse error: http: ContentLength=69 with Body length 43
2024/02/26 15:05:18 [http response] DumpResponse error: invalid byte in chunk length
2024/02/26 15:05:20 [http response] DumpResponse error: flate: corrupt input before offset 4486
2024/02/26 15:05:21 DumpRequest error: unexpected EOF
2024/02/26 15:05:21 DumpRequest error: unexpected EOF
2024/02/26 15:05:22 [http response] DumpResponse error: invalid byte in chunk length
2024/02/26 15:05:22 [http response] DumpResponse error: unexpected EOF
2024/02/26 15:05:25 [http response] DumpResponse error: invalid byte in chunk length
./ecapture tls -m tex --hex -l text6.log
不会报错 但是只能输出hex最大为4096 实际为7820
hex模式下是否可以支持过长分段打印?
hex输出格式下,不支持分段。 或者你可以使用-m pcap模式保存查看。
另外,不是已经输出到text6.log里了吗? 直接打开看呗,为什么还需要分段。
只有 ./ecapture tls -m tex --hex -l text6.log 有输出结果 ./ecapture tls -m tex -l text6.log 和 ./ecapture tls -m pcap -i wlan0 --pcapfile=ecapture.pcapng 报错数据包没有捕获到
I have partially reproduced the similar DumpResponse error mentioned by @Qiaijueqing on my Ubuntu 22.04.
Reproduce
run the following command in one terminal:
sudo ./ecapture tls -m texrun the following command in another terminal:
wget -d --header 'Accept-Encoding: gzip' https://www.baidu.comoutput from ecapture:
tls_2024/03/01 09:47:41 UUID:13032_13032_wget_3_1, Name:HTTPRequest, Type:1, Length:124
tls_2024/03/01 09:47:41
GET / HTTP/1.1
Host: www.baidu.com
Accept: */*
Accept-Encoding: gzip
Connection: Keep-Alive
User-Agent: Wget/1.21.2
2024/03/01 09:47:41 [http response] DumpResponse error: http: ContentLength=1145 with Body length 2443
The error is returned from net/http/trasfer.go::writeBody():
if !t.ResponseToHEAD && t.ContentLength != -1 && t.ContentLength != ncopy {
return fmt.Errorf("http: ContentLength=%d with Body length %d",
t.ContentLength, ncopy)
}#497 此错误和我提到的错误一样
预计本周发布修复后版本。
@Qiaijueqing 请使用 v0.7.5 验证一下。
any chance for android nocore aarch64 version?
any chance for android nocore aarch64 version?
uploaded. In the future, core and non-core versions will not be distinguished.