On Mon, Feb 4, 2019 at 5:38 PM Daniel-Constantin Mierla <daniel(a)kamailio.org>
wrote:
And I would say it a little bit scary on the other hand, so now it easy to
attach at runtime to a process and loop execution of some functions through
own code just by knowing the name and signature...
yep. Kind of mind blowing... In past, you needed to make a wrapper for the
lib,
then substitute the wrapper to the actual lib...
OTOH, if you are root...
Btw, I don't want to be the owl of bad luck, but... Maybe these techniques
will bring mayhem to GDPR compliance, and so on and so on... (scared face)
-giovanni
Cheers,
Daniel
February 4, 2019 4:01 PM, "Giovanni Maruzzelli" <gmaruzz(a)gmail.com
<%22Giovanni%20Maruzzelli%22%20%3Cgmaruzz(a)gmail.com%3E>> wrote:
# How to TRACE and visualize TLS and non-TLS SIP traffic in real time (thanks to
Homer's Lorenzo Mangani for pointing me toward Frida) apt-get install python-pip pip
install frida pip install hexdump wget
https://raw.githubusercontent.com/google/ssl_logger/master/ssl_logger.py #first ssh
terminal # create fifo pipe, then will send the content from fifo pipe to an sngrep
without gui, which will be reading pcap from stdin, and sending eep packets to the other
sngrep (third terminal) mkfifo /tmp/pipe cat /tmp/pipe | sngrep -N -q -H
udp:127.0.0.1:5077 -I - #second ssh terminal # writes as pcap to fifo pipe what freeswitch
writes and reads from ssl lib python ssl_logger_giova.py -pcap /tmp/pipe freeswitch #third
ssh terminal # sngrep that receives packets from both the Ethernet device, and the eep
packets sent by the other sngrep (eg, the tls packets ssl_logger grabs from
freeswitch's ssl lib) sngrep -L udp:127.0.0.1:5077 (you may want to edit ssl_logger.py
and change 228 to be 101 - LINKTYPE_IPV4 to be LINKTYPE_RAW )
--
Sincerely,
Giovanni Maruzzelli
OpenTelecom.IT
cell: +39 347 266 56 18
--
Daniel-Constantin Mierla
www.kamailio.org --
www.asipto.com
--
Sincerely,
Giovanni Maruzzelli
OpenTelecom.IT
cell: +39 347 266 56 18