Re: [SR-Users] TLS traffic visualization HOWTO

Hello, interesting approach, thanks for sharing! And I would say it a little bit scary on the other hand, so now it easy to attach at runtime to a process and loop execution of some functions through own code just by knowing the name and signature... Cheers, Daniel February 4, 2019 4:01 PM, "Giovanni Maruzzelli" wrote: # How to TRACE and visualize TLS and non-TLS SIP traffic in real time (thanks to Homer's Lorenzo Mangani for pointing me toward Frida) apt-get install python-pip pip install frida pip install hexdump wget https://raw.githubusercontent.com/google/ssl_logger/master/ssl_logger.py (https://raw.githubusercontent.com/google/ssl_logger/master/ssl_logger.py) #first ssh terminal # create fifo pipe, then will send the content from fifo pipe to an sngrep without gui, which will be reading pcap from stdin, and sending eep packets to the other sngrep (third terminal) mkfifo /tmp/pipe cat /tmp/pipe | sngrep -N -q -H udp:127.0.0.1:5077 (http://127.0.0.1:5077) -I - #second ssh terminal # writes as pcap to fifo pipe what freeswitch writes and reads from ssl lib python ssl_logger_giova.py -pcap /tmp/pipe freeswitch #third ssh terminal # sngrep that receives packets from both the Ethernet device, and the eep packets sent by the other sngrep (eg, the tls packets ssl_logger grabs from freeswitch's ssl lib) sngrep -L udp:127.0.0.1:5077 (http://127.0.0.1:5077) (you may want to edit ssl_logger.py and change 228 to be 101 - LINKTYPE_IPV4 to be LINKTYPE_RAW ) --Sincerely, Giovanni Maruzzelli OpenTelecom.IT cell: +39 347 266 56 18 -- Daniel-Constantin Mierla www.kamailio.org -- www.asipto.com