module run failed, [skip it]. error:EBPFProbeOPENSSL couldn't find asset open user/bytecode: file does not exist
Closed this issue · 5 comments
树莓派 4B 内核 5.10.201
OpenWrt
./ecapture tls
2024/04/05 12:07:53 Your environment is like a container. We won't be able to detect the BTF configuration.
tls_2024/04/05 12:07:53 ECAPTURE :: ecapture Version : linux_aarch64:0.7.6-20240330-f1930dc:[CORE]
tls_2024/04/05 12:07:53 ECAPTURE :: Pid Info : 18932
tls_2024/04/05 12:07:53 ECAPTURE :: Kernel Info : 5.10.201
tls_2024/04/05 12:07:53 EBPFProbeOPENSSL module initialization
tls_2024/04/05 12:07:53 EBPFProbeOPENSSL master key keylogger:
tls_2024/04/05 12:07:53 ECAPTURE :: Module.Run()
tls_2024/04/05 12:07:53 EBPFProbeOPENSSL Text MODEL
tls_2024/04/05 12:07:53 EBPFProbeOPENSSL libPthread path not found, IP info lost.
tls_2024/04/05 12:07:53 EBPFProbeOPENSSL HOOK type:2, binrayPath:/usr/lib64/libssl.so.1.1
tls_2024/04/05 12:07:53 EBPFProbeOPENSSL Hook masterKey function:[SSL_get_wbio SSL_in_before SSL_do_handshake]
tls_2024/04/05 12:07:53 EBPFProbeOPENSSL target all process.
tls_2024/04/05 12:07:53 EBPFProbeOPENSSL target all users.
tls_2024/04/05 12:07:53 EBPFProbeOPENSSL BPF bytecode filename:user/bytecode
tls_2024/04/05 12:07:53 EBPFProbeOPENSSL module run failed, [skip it]. error:EBPFProbeOPENSSL couldn't find asset open user/bytecode: file does not exist .
tls_2024/04/05 12:07:53 ECAPTURE :: No runnable modules, Exit(1)
Can you give me a test environment?
我只能给你固件包的下载地址
https://fw3.koolcenter.com:5000/iStoreOS/rpi4/istoreos-22.03.6-2024031514-raspberrypi-rpi4-squashfs.img.gz
原谅我太穷了送不了你树莓派
可以给我ssh 的帐号密码。
可以给我ssh 的帐号密码。
内网部署,可以远程我的电脑然后进去
你可以自己debug一下看看是哪里的问题吗?
大概是
ecapture/user/module/probe_openssl_lib.go
Lines 117 to 243 in f1930dc
m.sslBpfFile
变量获取失败导致的。