Comments (5)
cfc4n
commented on June 22, 2024
看一下 help参数吧, 而且报错提示比较清晰,没找到libssl.so 的路径,可以通过--libssl=xxxxx.so来指定,如果你还是不熟悉,那建议你看下ecapture的教学视频。
from ecapture.
ten-plus-month
commented on June 22, 2024
加了参数还是报错
1|vbox86p:/data/local/tmp # ./ecapture tls --libssl=/system/lib64/libssl.so
2023/11/24 01:17:34 Your environment is like a container. We won't be able to detect the BTF configuration.
tls_2023/11/24 01:17:34 ECAPTURE :: ecapture Version : linux_x86_64:0.6.6-20231119-06b63d6:5.15.0-1050-azure
tls_2023/11/24 01:17:34 ECAPTURE :: Pid Info : 2501
tls_2023/11/24 01:17:34 ECAPTURE :: Kernel Info : 5.10.101
tls_2023/11/24 01:17:34 EBPFProbeOPENSSL module initialization failed. [skip it]. error:cant found 'connect' function to hook in files::[libpthread.so.0 libc.so.6 libc.so]
tls_2023/11/24 01:17:34 EBPFProbeGNUTLS module initialization
tls_2023/11/24 01:17:34 ECAPTURE :: Module.Run()
tls_2023/11/24 01:17:34 EBPFProbeGNUTLS BPF bytecode filename:user/bytecode/gnutls_kern.o
tls_2023/11/24 01:17:34 EBPFProbeGNUTLS module run failed, [skip it]. error:tls(gnutls) module couldn't find binPath stat /lib/x86_64-linux-gnu/libgnutls.so.30: no such file or directory
tls_2023/11/24 01:17:34 EBPFProbeNSPR module initialization
tls_2023/11/24 01:17:34 ECAPTURE :: Module.Run()
tls_2023/11/24 01:17:34 EBPFProbeNSPR BPF bytecode filename:user/bytecode/nspr_kern.o
tls_2023/11/24 01:17:34 EBPFProbeNSPR module run failed, [skip it]. error:tls module couldn't find binPath stat /usr/lib/firefox/libnspr4.so: no such file or directory
tls_2023/11/24 01:17:34 ECAPTURE :: No runnable modules, Exit(1)
from ecapture.
ten-plus-month
commented on June 22, 2024
ldd是这样的
127|vbox86p:/data/local/tmp # ldd which wget
linux-vdso.so.1 => [vdso] (0x7fff9ed95000)
libcutils.so => /system/lib64/libcutils.so (0x7a4042d89000)
libc++.so => /system/lib64/libc++.so (0x7a4042ec5000)
libc.so => /apex/com.android.runtime/lib64/bionic/libc.so (0x7a4042f89000)
libm.so => /apex/com.android.runtime/lib64/bionic/libm.so (0x7a4042e2c000)
libdl.so => /apex/com.android.runtime/lib64/bionic/libdl.so (0x7a4042e99000)
liblog.so => /system/lib64/liblog.so (0x7a4042dcd000)
libbase.so => /system/lib64/libbase.so (0x7a4045e6a000)
from ecapture.
cfc4n
commented on June 22, 2024
还有一个参数--pthread,来指定一下。
--pthread=/apex/com.android.runtime/lib64/bionic/libc.so 或 --pthread=/system/lib64/libc++.so 试试。
from ecapture.
ten-plus-month
commented on June 22, 2024
这两个都不行
1|vbox86p:/data/local/tmp # ./ecapture tls --libssl=/system/lib64/libssl.so --pthread=/apex/com.android.runtime/lib64/bionic/libc.so
2023/11/24 07:48:04 Your environment is like a container. We won't be able to detect the BTF configuration.
tls_2023/11/24 07:48:04 ECAPTURE :: ecapture Version : linux_x86_64:0.6.6-20231119-06b63d6:5.15.0-1050-azure
tls_2023/11/24 07:48:04 ECAPTURE :: Pid Info : 6997
tls_2023/11/24 07:48:04 ECAPTURE :: Kernel Info : 5.10.101
tls_2023/11/24 07:48:04 EBPFProbeOPENSSL module initialization failed. [skip it]. error:cant found 'connect' function to hook in files::[libpthread.so.0 libc.so.6 libc.so]
tls_2023/11/24 07:48:04 EBPFProbeGNUTLS module initialization
tls_2023/11/24 07:48:04 ECAPTURE :: Module.Run()
tls_2023/11/24 07:48:04 EBPFProbeGNUTLS BPF bytecode filename:user/bytecode/gnutls_kern.o
tls_2023/11/24 07:48:04 EBPFProbeGNUTLS module run failed, [skip it]. error:tls(gnutls) module couldn't find binPath stat /lib/x86_64-linux-gnu/libgnutls.so.30: no such file or directory
tls_2023/11/24 07:48:04 EBPFProbeNSPR module initialization
tls_2023/11/24 07:48:04 ECAPTURE :: Module.Run()
tls_2023/11/24 07:48:04 EBPFProbeNSPR BPF bytecode filename:user/bytecode/nspr_kern.o
tls_2023/11/24 07:48:04 EBPFProbeNSPR module run failed, [skip it]. error:tls module couldn't find binPath stat /usr/lib/firefox/libnspr4.so: no such file or directory
tls_2023/11/24 07:48:04 ECAPTURE :: No runnable modules, Exit(1)
1|vbox86p:/data/local/tmp #
1|vbox86p:/data/local/tmp #
1|vbox86p:/data/local/tmp #
1|vbox86p:/data/local/tmp # ./ecapture tls --libssl=/system/lib64/libssl.so --pthread=/system/lib64/libc++.so
2023/11/24 07:48:32 Your environment is like a container. We won't be able to detect the BTF configuration.
tls_2023/11/24 07:48:32 ECAPTURE :: ecapture Version : linux_x86_64:0.6.6-20231119-06b63d6:5.15.0-1050-azure
tls_2023/11/24 07:48:32 ECAPTURE :: Pid Info : 7012
tls_2023/11/24 07:48:32 ECAPTURE :: Kernel Info : 5.10.101
tls_2023/11/24 07:48:32 EBPFProbeOPENSSL module initialization failed. [skip it]. error:cant found 'connect' function to hook in files::[libpthread.so.0 libc.so.6 libc.so]
tls_2023/11/24 07:48:32 EBPFProbeGNUTLS module initialization
tls_2023/11/24 07:48:32 ECAPTURE :: Module.Run()
tls_2023/11/24 07:48:32 EBPFProbeGNUTLS BPF bytecode filename:user/bytecode/gnutls_kern.o
tls_2023/11/24 07:48:32 EBPFProbeGNUTLS module run failed, [skip it]. error:tls(gnutls) module couldn't find binPath stat /lib/x86_64-linux-gnu/libgnutls.so.30: no such file or directory
tls_2023/11/24 07:48:32 EBPFProbeNSPR module initialization
tls_2023/11/24 07:48:32 ECAPTURE :: Module.Run()
tls_2023/11/24 07:48:32 EBPFProbeNSPR BPF bytecode filename:user/bytecode/nspr_kern.o
tls_2023/11/24 07:48:32 EBPFProbeNSPR module run failed, [skip it]. error:tls module couldn't find binPath stat /usr/lib/firefox/libnspr4.so: no such file or directory
tls_2023/11/24 07:48:32 ECAPTURE :: No runnable modules, Exit(1)
我用的是genymotion模拟的安卓12
from ecapture.
Related Issues (20)
- gotls 捕获golang程序,不能写pcapfile文件,不能看到响应的内容 HOT 4
- Not working with redroid HOT 13
- windows也有ebpf,是否兼容适配? HOT 1
- 鸿蒙4.0支持分析https内容不 HOT 3
- 关于在pcap模式中tc层skb_data payload数据传输的问题 HOT 3
- eCapture run failed, error log: invalid memory address or nil pointer dereference HOT 3
- Build 2 Android Arm64 HOT 1
- ssh加解密教程 HOT 4
- gotls 访问百度,https 包无法获取、只能截取 http 包 HOT 2
- 加解密模式对性能的影响是多少 HOT 2
- tls 模式,app抓包解密失败 HOT 1
- error: couldn't start bootstrap manager error HOT 3
- TLS 模式下,对被检测程序的性能影响。 HOT 9
- The SSL structure in openssl 3.2.0 has been modified HOT 4
- PCAP mode can only decrypt partial HTTPS traffic, not all of it HOT 8
- fatal error: concurrent map read and map write HOT 1
- 这是我姿势不对么?最新版本的总提示No runnable modules, Exit(1) HOT 2
- tls子命令可否支持ip过滤 HOT 6
- archlinux不存在/boot/config-`uname -r`文件,导致启动程序时报错 HOT 6
- I am new. How to use software? HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ecapture.