When loading a PCAP file, if there is a PCAPdroid trailer available,
use its uid to associate the connections to the originating app.
Currently this assumes that the uid mapping has not changed, e.g. the
app for a specific uid has not been uninstalled.
In VPN mode, it's now possible to redirect the traffic of specific
ports towards another host and port. This makes it possible to
integrate PCAPdroid with other apps, by forwarding the traffic to
a local server.
Closes#274
The UAF could be triggered with a on_connection_close followed by a
conns_clear and by a zdtun_lookup on the connection. Fixed in zdtun,
which now doesn't return closed connections.
The getParameterCount is only available since API level 26. Using a
patched MaxMind-DB-Reader-java to avoid crashing.
https://developer.android.com/reference/java/lang/reflect/Method#getParameterCount()
java.lang.NoSuchMethodError: No virtual method getParameterCount()I in class Ljava/lang/reflect/Constructor; or its super classes (declaration of 'java.lang.reflect.Constructor' appears in /system/framework/core-oj.jar)
at com.maxmind.db.Decoder.decodeMapIntoObject(Decoder.java:397)
at com.maxmind.db.Decoder.decodeMap(Decoder.java:342)
at com.maxmind.db.Decoder.decodeByType(Decoder.java:162)
at com.maxmind.db.Decoder.decode(Decoder.java:151)
at com.maxmind.db.Decoder.decode(Decoder.java:76)
at com.maxmind.db.Reader.<init>(Reader.java:133)
at com.maxmind.db.Reader.<init>(Reader.java:90)
at com.emanuelef.remote_capture.Geolocation.openDb(Geolocation.java:67)
Periodic tasks are now based on a monotonic timer. The timestamp in
the exported PCAP now corresponds to the original timestamp when using
root. Moreover, in-app first/last seen time now displays the milliseconds.
Closes#89
Connections with random ports sometimes appeared while capturing packets
as root, in particular while exporting data via the UDP exporter. These
were actually IP fragments, whose data was misinterpreted due to the
lack of L4 headers.
- The client MSS option is now honored
- srv->cli MSS is now calculated and reported based on the IP version
- TCP window scaling is now supported
- Slow downs due to blocking TCP sends in big uploads are now fixed
When enabled, all the TCP connections will be redirected to a SOCKS5
proxy. This also removes the need to use a customized mitmproxy to
perform the TLS decryption.
IPv6 must be manually enabled from the preferences. However, when an IPv6 gateway
is not available, the connections will fail with network unreachable.
Closes#2
