Commit Graph

1185 Commits

Author SHA1 Message Date
emanuele-f
7899906b60 Use build flavors to make ushark optional 2025-02-16 11:16:04 +01:00
emanuele-f
b7a574d9bc Separate Wireshark-related licenses 2025-02-16 09:32:08 +01:00
emanuele-f
faf94e25b4 Allow decrypting PCAPNG without IAB purchase 2025-02-16 08:43:43 +01:00
emanuele-f
f6a4c9f933 Temporarily enable full payload when decrypting files
This is needed to properly show the decrypted status and data

See #351
2025-02-16 08:43:43 +01:00
emanuele-f
53698918ca Fix keylog being asked with Pcapng file
On newer Android versions, the uri does not contain the ".pcapng" extension

See #351
2025-02-16 08:43:43 +01:00
emanuele-f
ee6b5569fa Fix tests 2025-02-16 08:43:43 +01:00
emanuele-f
1d89de51dc Add ability to decrypt PCAP/Pcapng files
A new "Decrypt PCAP file" entry has been added to the main menu,
which allows loading a PCAP+keylog or a Pcapng with secrets and
showing the decrypted data in PCAPdroid.

The decryption itself is performed by Wireshark, which is built as
the standalone shared library libushark.so, thanks to ushark.

The shared library is loaded via dlopen to allow proper
re-initialization of the static variables in Wireshark. This also
provides the benefit of avoiding unnecessary overhead and possible
interference when not used.

HTTP/2 reassembly is properly supported (implemented in ushark)
and content decoding works as expected.

See #351
2025-02-16 08:43:39 +01:00
pikachu
4026145ac1 Fixed the bug that the -q parameter cannot take effect 2025-02-14 14:43:21 +08:00
emanuele-f
da1c8ab93b Fix crash due to non-serializable ArraySet
Restore HashSet in CaptureSettings
2025-02-09 19:09:26 +01:00
emanuele-f
79f0f88600 Replace HashSet with ArraySet
Closes #401
2025-02-09 18:55:18 +01:00
emanuele-f
253e5119e1 Further reduce blacklists RAM usage
Turn the sparsehash into a set, remove dense functions, load/save
to disk and make the data structure insert-only
2025-02-09 17:51:33 +01:00
emanuele-f
94d13885bb Reduce blacklists RAM usage and increase limit to 1500k rules
sparsehash is now used to reduce memory usage of malware blacklists.
uthash introduces a 56-byte overhead per item (UT_hash_handle).
sparsehash, on the other hand, only has ~16 bytes of overhead (HTItem).
This can also be further reduced. With 400k rules, this currently
reduces usage by 25 MB. Lookup performance is also similar
to uthash.
2025-02-09 17:51:24 +01:00
emanuele-f
a73b0bc1cf Remove SSLBL and Feodo blacklists
SSLBL is deprecated and Feodo is usually contained in Emerging Threats
2025-01-30 19:51:26 +01:00
emanuele-f
832325c42d Improve malicious connection reporting
See #440
2025-01-30 19:22:31 +01:00
emanuele-f
606b7252b0 Ability to filter connections by min size
Closes #451
2025-01-18 12:58:41 +01:00
emanuele-f
dad96c7ac4 Fix CIDR not cleared
2025-01-14 13:35:06 +01:00
emanuele-f
9d9d736660 Implement CIDR support
It's now possible to specify IP addresses in the CIDR format
for rules. This allows blocking by CIDR

Closes #365
2025-01-14 13:24:03 +01:00
emanuele-f
ffe9259361 Show country flag in rules list 2025-01-12 17:31:20 +01:00
emanuele-f
365c553076 Add firewall block by country
It's now possible to block connections by country

Closes #429
2025-01-12 17:18:10 +01:00
emanuele-f
0f47d378b9 Read PCAPdroid extensions metadata from Pcapng
A PCAP/Pcapng reader has been implemented to support parsing the
PCAPdroid extensions metadata. This allows displaying several pieces of
information in the UI when loading from a Pcapng file, in particular:

- when the dump was generated with root, show the capture interface
  name
- show the UID (app) related to a given connection
- if the dump contains UIDs of uninstalled apps, show the
  original package name and app name

Closes #479
2025-01-11 19:58:58 +01:00
emanuele-f
e5259add68 Don't load malware/firewall lists when reading from file 2025-01-05 11:47:33 +01:00
emanuele-f
b9c18f02c6 Compilation fix
2025-01-04 19:06:25 +01:00
emanuele-f
ba7df0e487 Compilation fix 2025-01-04 19:01:30 +01:00
emanuele-f
222d44e70a Dump capture interface via the Pcapng IDB
When capturing as root, the interface name and incremental id are
now correctly reported in the Pcapng file

Closes #438
2025-01-04 18:53:42 +01:00
emanuele-f
4f7b7a7a2e Fix string case 2025-01-04 17:33:45 +01:00
emanuele-f
a6d7df239a Remove unused trailer-related strings 2025-01-04 17:24:08 +01:00
emanuele-f
d25b4eb707 Rename PCAPdroid trailer to extensions 2025-01-04 17:03:42 +01:00
emanuele-f
4a28879318 Implement dump of PCAPdroid metadata in Pcapng
Closes #434
2025-01-04 17:03:42 +01:00
emanuele-f
c610c564bf Reduce size of nDPI
Use slim nDPI, which reduces the libndpi.so 4.12 size from 3 MB to 1 MB.
Further trimming may be evaluated in the future.

Closes #188
2025-01-02 08:17:32 +01:00
emanuele-f
65564a241c Update nDPI to 4.12 and libpcap to 1.10.5
Closes #474
2025-01-01 22:38:46 +01:00
emanuele-f
c88ffeba35 Add doc with edge-to-edge info and instructions 2025-01-01 19:16:05 +01:00
emanuele-f
264a2eafd6 Update robolectric to 4.14.1
Provides Android 15 support
2025-01-01 18:03:04 +01:00
emanuele-f
adbc33afe5 Fix inset issues on older platforms
Fix issues in fab, connections, apps, stats, log and app details
2025-01-01 17:57:19 +01:00
emanuele-f
5f50ae30c1 Remove app theme selection dropdown
When targeting SDK 35, setting a manual theme does not work correctly
with edge-to-edge, making text unreadable. Now the app will always
use the system default
2025-01-01 11:53:17 +01:00
emanuele-f
f0d1b67524 Use darker purple as main color 2025-01-01 11:53:17 +01:00
emanuele-f
9c2369fcc6 Implement edge-to-edge support
This is now required for apps which target sdk 35
2025-01-01 11:52:54 +01:00
emanuele-f
1ebc6271e3 Target sdk 35 (Android 15) 2024-12-26 10:58:52 +01:00
emanuele-f
e5bc37620a Update Java libraries
2024-12-25 16:48:15 +01:00
emanuele-f
e545bb2c75 Update to Java 17 and enable desugaring
This fixes Java 8 deprecation warnings in newer gradle
2024-12-25 16:42:04 +01:00
emanuele-f
41eb45c789 Bump version to 1.7.5
2024-11-09 12:13:50 +01:00
emanuele-f
d0a0c9e435 Bump mitm addon version to 1.4
No actual changes, just an AV misdetection fix
2024-11-06 22:08:09 +01:00
emanuele-f
8610e6ad27 Fix capture stall with target apps in root mode
When target apps are specified, the root capture would stall
when matching the uid, because of an infinite loop.

Fixes #467
2024-11-06 21:59:39 +01:00
emanuele-f
caced7daab Bump version to 1.7.4 2024-10-15 23:04:16 +02:00
emanuele-f
070eb19317 Update dependencies
2024-10-15 22:55:44 +02:00
emanuele-f
466f0fd79d Bump PCAPdroid-mitm to version 1.3 (mitmproxy 11) 2024-10-15 19:39:40 +02:00
Chris Vanstone
3843546bbe Include the package name in the CSV output 2024-10-10 14:55:40 +01:00
emanuele-f
ac3ce3a75f Fix missing format argument 2024-09-11 18:46:20 +02:00
emanuele-f
50812d1de8 Add safety checks on getcwd and free memory 2024-09-11 18:38:50 +02:00
jackyzy823
9be48af56b Change working directory before calling pcapd under su.
Some implementations of Android su will reset environment variables, so
the current working directory will not be preserved.

To ensure the creation of the pid file and log file, change the working
directory manually.
2024-09-11 10:52:07 +08:00
emanuele-f
dc3bb39168 Bump version to 1.7.3
2024-09-07 10:51:58 +02:00