Improve mitm addon setup wizard help messages

This commit is contained in:
emanuele-f 2022-05-30 11:16:08 +02:00
parent dbfaab6164
commit b9615a4f42
11 changed files with 146 additions and 25 deletions

View File

@ -51,6 +51,7 @@ import java.lang.ref.WeakReference;
public class MitmAddon {
public static final long PACKAGE_VERSION_CODE = 7;
public static final String PACKAGE_VERSION_NAME = "v0.7";
public static final String REPOSITORY = "https://github.com/emanuele-f/PCAPdroid-mitm";
private static final String TAG = "MitmAddon";
private final Context mContext;
private final MitmListener mReceiver;
@ -113,7 +114,7 @@ public class MitmAddon {
}
public static String getGithubReleaseUrl() {
return "https://github.com/emanuele-f/PCAPdroid-mitm/releases/download/" +
return REPOSITORY + "/releases/download/" +
PACKAGE_VERSION_NAME + "/PCAPdroid-mitm_" + PACKAGE_VERSION_NAME + "_" + Build.SUPPORTED_ABIS[0] + ".apk";
}

View File

@ -55,7 +55,11 @@ import android.os.Handler;
import android.os.Looper;
import android.provider.MediaStore;
import android.provider.OpenableColumns;
import android.text.Html;
import android.text.SpannableString;
import android.text.SpannedString;
import android.text.TextUtils;
import android.text.method.LinkMovementMethod;
import android.text.style.StyleSpan;
import android.util.Log;
import android.view.View;
@ -1157,4 +1161,23 @@ public class Utils {
public static boolean isPrintable(byte c) {
return ((c >= 32) && (c <= 126)) || (c == '\r') || (c == '\n') || (c == '\t');
}
// Get a CharSequence which properly displays clickable links obtained by formatting a parametric
// string resource with the provided args. See setTextUrls
// https://stackoverflow.com/questions/23503642/how-to-use-formatted-strings-together-with-placeholders-in-android
public static CharSequence getText(Context context, int resid, String... args) {
for(int i = 0; i < args.length; ++i)
args[i] = TextUtils.htmlEncode(args[i]);
String htmlOnly = String.format(Html.toHtml(new SpannedString(context.getText(resid))), (Object[]) args);
//Log.d(TAG, htmlOnly);
return Html.fromHtml(htmlOnly);
}
// Format a resource containing URLs and display it in a TextView, making URls clickable
public static void setTextUrls(TextView tv, int resid, String... args) {
CharSequence text = getText(tv.getContext(), resid, args);
tv.setText(text);
tv.setMovementMethod(LinkMovementMethod.getInstance());
}
}

View File

@ -110,6 +110,7 @@ public class MainActivity extends BaseActivity implements NavigationView.OnNavig
public static final String DONATE_URL = "https://emanuele-f.github.io/PCAPdroid/donate";
public static final String FIREWALL_DOCS_URL = DOCS_URL + "/paid_features#51-firewall";
public static final String MALWARE_DETECTION_DOCS_URL = DOCS_URL + "/paid_features#52-malware-detection";
public static final String TLS_DECRYPTION_DOCS_URL = DOCS_URL + "/tls_decryption";
private final ActivityResultLauncher<Intent> pcapFileLauncher =
registerForActivityResult(new StartActivityForResult(), this::pcapFileResult);

View File

@ -128,7 +128,6 @@ public class SettingsActivity extends BaseActivity implements PreferenceFragment
private SwitchPreference mAutoBlockPrivateDNS;
private EditTextPreference mSocks5ProxyIp;
private EditTextPreference mSocks5ProxyPort;
private Preference mTlsHelp;
private Preference mIpv6Enabled;
private DropDownPreference mCapInterface;
private SwitchPreference mMalwareDetectionEnabled;
@ -251,7 +250,6 @@ public class SettingsActivity extends BaseActivity implements PreferenceFragment
@SuppressWarnings("deprecation")
private void setupTrafficInspectionPrefs() {
mTlsHelp = requirePreference("tls_how_to");
mAutoBlockPrivateDNS = requirePreference("auto_block_private_dns");
mTlsDecryption = requirePreference(Prefs.PREF_TLS_DECRYPTION_KEY);
@ -305,9 +303,6 @@ public class SettingsActivity extends BaseActivity implements PreferenceFragment
mSocks5Enabled.setVisible(!tlsDecryption);
mSocks5ProxyIp.setVisible(socks5Enabled && !tlsDecryption);
mSocks5ProxyPort.setVisible(socks5Enabled && !tlsDecryption);
//mTlsHelp.setVisible(decryptionEnabled);
mTlsHelp.setVisible(true);
}
private void setupOtherPrefs() {
@ -371,7 +366,6 @@ public class SettingsActivity extends BaseActivity implements PreferenceFragment
mSocks5Enabled.setVisible(false);
mSocks5ProxyIp.setVisible(false);
mSocks5ProxyPort.setVisible(false);
mTlsHelp.setVisible(false);
mFullPayloadEnabled.setVisible(true);
mBlockQuic.setVisible(false);
} else {

View File

@ -0,0 +1,41 @@
/*
* This file is part of PCAPdroid.
*
* PCAPdroid is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* PCAPdroid is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with PCAPdroid. If not, see <http://www.gnu.org/licenses/>.
*
* Copyright 2022 - Emanuele Faranda
*/
package com.emanuelef.remote_capture.fragments.mitmwizard;
import android.os.Bundle;
import android.view.View;
import androidx.annotation.NonNull;
import androidx.annotation.Nullable;
import com.emanuelef.remote_capture.MitmAddon;
import com.emanuelef.remote_capture.R;
public class Done extends StepFragment {
@Override
public void onViewCreated(@NonNull View view, @Nullable Bundle savedInstanceState) {
super.onViewCreated(view, savedInstanceState);
mStepIcon.setVisibility(View.GONE);
mStepLabel.setText(R.string.mitm_setup_wizard_done);
MitmAddon.setDecryptionSetupDone(requireContext(), true);
nextStep(0);
}
}

View File

@ -35,7 +35,7 @@ public class InstallAddon extends StepFragment {
@Override
public void onViewCreated(@NonNull View view, @Nullable Bundle savedInstanceState) {
super.onViewCreated(view, savedInstanceState);
mStepLabel.setText(R.string.install_mitm_addon);
Utils.setTextUrls(mStepLabel, R.string.install_mitm_addon, MitmAddon.REPOSITORY);
if(MitmAddon.isInstalled(requireContext()))
addonOk();

View File

@ -88,13 +88,13 @@ public class InstallCertificate extends StepFragment implements MitmListener {
}
private void certOk() {
MitmAddon.setDecryptionSetupDone(requireContext(), true);
mStepLabel.setText(R.string.cert_installed_correctly);
nextStep(0);
nextStep(R.id.navto_done);
}
private void certFail() {
mStepLabel.setText(R.string.ca_installation_failed);
mStepLabel.setText(R.string.ca_cert_export_failed);
Utils.setTextUrls(mStepLabel, R.string.ca_cert_export_failed, "https://www.vivo.com/en/support/questionByTitle?title=How%20to%20turn%20on/off%20Autostart%20for%20my%20apps");
mStepIcon.setColorFilter(mDangerColor);
MitmAddon.setDecryptionSetupDone(requireContext(), false);
}

View File

@ -0,0 +1,41 @@
/*
* This file is part of PCAPdroid.
*
* PCAPdroid is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* PCAPdroid is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with PCAPdroid. If not, see <http://www.gnu.org/licenses/>.
*
* Copyright 2022 - Emanuele Faranda
*/
package com.emanuelef.remote_capture.fragments.mitmwizard;
import android.os.Bundle;
import android.view.View;
import androidx.annotation.NonNull;
import androidx.annotation.Nullable;
import com.emanuelef.remote_capture.R;
import com.emanuelef.remote_capture.Utils;
import com.emanuelef.remote_capture.activities.MainActivity;
public class Intro extends StepFragment {
@Override
public void onViewCreated(@NonNull View view, @Nullable Bundle savedInstanceState) {
super.onViewCreated(view, savedInstanceState);
mStepIcon.setVisibility(View.GONE);
Utils.setTextUrls(mStepLabel, R.string.mitm_setup_wizard_intro, MainActivity.TLS_DECRYPTION_DOCS_URL);
nextStep(R.id.navto_install_addon);
}
}

View File

@ -3,7 +3,20 @@
xmlns:app="http://schemas.android.com/apk/res-auto"
xmlns:tools="http://schemas.android.com/tools"
android:id="@+id/mitm_wizard_graph"
app:startDestination="@id/installMitmApp">
app:startDestination="@id/intro">
<fragment
android:id="@+id/intro"
android:name="com.emanuelef.remote_capture.fragments.mitmwizard.Intro"
tools:layout="@layout/fragment_mitm_wizard" >
<action
android:id="@+id/navto_install_addon"
app:enterAnim="@anim/slide_in_left"
app:exitAnim="@anim/slide_out_left"
app:popEnterAnim="@anim/slide_in_right"
app:popExitAnim="@anim/slide_out_right"
app:destination="@id/installMitmApp" />
</fragment>
<fragment
android:id="@+id/installMitmApp"
@ -34,5 +47,18 @@
<fragment
android:id="@+id/InstallCertificate"
android:name="com.emanuelef.remote_capture.fragments.mitmwizard.InstallCertificate"
tools:layout="@layout/fragment_mitm_wizard">
<action
android:id="@+id/navto_done"
app:enterAnim="@anim/slide_in_left"
app:exitAnim="@anim/slide_out_left"
app:popEnterAnim="@anim/slide_in_right"
app:popExitAnim="@anim/slide_out_right"
app:destination="@id/Done" />
</fragment>
<fragment
android:id="@+id/Done"
android:name="com.emanuelef.remote_capture.fragments.mitmwizard.Done"
tools:layout="@layout/fragment_mitm_wizard" />
</navigation>

View File

@ -258,7 +258,7 @@
<string name="save_ok">Saved</string>
<string name="tls_decryption">TLS decryption</string>
<string name="tls_decryption_summary">Decrypt the SSL/TLS traffic by performing mitm. This may now work with some apps, check out the user guide</string>
<string name="tls_decryption_starting">TLS decryption is starting</string>
<string name="tls_decryption_starting">TLS decryption is starting</string>
<string name="tls_decryption_running">TLS decryption is running</string>
<string name="traffic_inspection">Traffic inspection</string>
<string name="mitm_start_failed">Could not start the mitm service. Reinstall the mitm addon and retry</string>
@ -266,13 +266,13 @@
<string name="next_step">Next</string>
<string name="install_action">Install</string>
<string name="export_action">Export</string>
<string name="install_mitm_addon">Install the PCAPdroid mitm addon</string>
<string name="install_mitm_addon">Install the PCAPdroid <a href='%1$s'>mitm addon</a>.\n\nNOTE: The addon depends on closed source software</string>
<string name="configure_action">Configure</string>
<string name="grant_mitm_permission">Give PCAPdroid the ability to decrypt the network traffic</string>
<string name="grant_mitm_permission">Give PCAPdroid the permission to control the mitm addon</string>
<string name="export_ca_certificate">Export the PCAPdroid CA certificate, then open the Android \"Encryption &amp; Credentials\" settings and choose install it as a \"CA certificate\"</string>
<string name="install_ca_certificate">Install the PCAPdroid CA certificate, choosing \"VPN and apps\". Android will ask for your lockscreen or password</string>
<string name="checking_the_certificate">Checking the certificate…</string>
<string name="ca_installation_failed">CA certificate installation failed</string>
<string name="ca_cert_export_failed">An error occurred while exporting the CA certificate\n\nIf your device implements Autostart or similar software to limit background services execution, be sure to <a href='%1$s'>whitelist PCAPdroid</a></string>
<string name="cert_exported_now_installed">Certificate exported, now install it from the Android settings</string>
<string name="cert_installed_correctly">The CA certificate is installed</string>
<string name="cert_reinstall_required">The CA certificate is not installed, run the mitm setup wizard</string>
@ -341,7 +341,9 @@
<string name="firewall_summary">Block internet access to apps, configure rules for specific domains and IP addresses. Only works with the non-root capture</string>
<string name="no_root_firewall">No-root firewall</string>
<string name="block_quick">Block QUIC</string>
<string name="block_quick_summary">Block QUIC connections to possibly fallback to TLS. Some apps may stop working</string>
<string name="block_quick_summary">Block QUIC connections to possibly fall back to decryptable TLS. Some apps may stop working</string>
<string name="block_private_dns">Block private DNS</string>
<string name="block_private_dns_summary">Detect and possibly block private DNS to inspect DNS traffic. Disabling this can hinder detection</string>
<string name="mitm_setup_wizard_intro">This wizard will guide you through the installation of the PCAPdroid mitm addon and certification authority, which are needed to perform the <a href='%1$s'>TLS decryption</a></string>
<string name="mitm_setup_wizard_done">PCAPdroid is now ready to decrypt TLS traffic\n\nCheck out the <a href='%1$s'>user guide</a> to know more about the security measures which may prevent decryption and how to bypass them</string>
</resources>

View File

@ -66,14 +66,6 @@
app:summary="@string/tls_decryption_summary"
app:defaultValue="false" />
<Preference
app:key="tls_how_to"
app:title="@string/tls_how_to"
app:iconSpaceReserved="false">
<intent android:action="android.intent.action.VIEW"
android:data="https://emanuele-f.github.io/PCAPdroid/tls_decryption" />
</Preference>
<SwitchPreference
app:key="block_quic"
app:title="@string/block_quick"