Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix the version number string cannot be found in the dynamic library of boringssl. #679

Merged
merged 1 commit into from
Dec 2, 2024

Conversation

cfc4n
Copy link
Member

@cfc4n cfc4n commented Dec 2, 2024

fix #678

… the dynamic library of boringssl.

Signed-off-by: CFC4N <cfc4n.cs@gmail.com>
@cfc4n cfc4n added 🐞 bug Something isn't working fix bug fix PR labels Dec 2, 2024
@cfc4n cfc4n linked an issue Dec 2, 2024 that may be closed by this pull request
@cfc4n cfc4n changed the title Fix the issue where the version number string cannot be found in the dynamic library of boringssl. Fix the version number string cannot be found in the dynamic library of boringssl. Dec 2, 2024
@cfc4n
Copy link
Member Author

cfc4n commented Dec 2, 2024

before

2024-12-02T14:36:02Z INF AppName="eCapture(旁观者)"
2024-12-02T14:36:02Z INF HomePage=https://ecapture.cc
2024-12-02T14:36:02Z INF Repository=https://github.com/gojue/ecapture
2024-12-02T14:36:02Z INF Author="CFC4N <cfc4ncs@gmail.com>"
2024-12-02T14:36:02Z INF Description="Capturing SSL/TLS plaintext without a CA certificate using eBPF. Supported on Linux/Android kernels for amd64/arm64."
2024-12-02T14:36:02Z INF Version=androidgki_arm64:v0.8.11:6.5.0-1025-azure
2024-12-02T14:36:02Z INF Listen=localhost:28256
2024-12-02T14:36:02Z INF eCapture running logs logger=
2024-12-02T14:36:02Z INF the file handler that receives the captured event eventCollector=
2024-12-02T14:36:02Z WRN ========== module starting. ==========
2024-12-02T14:36:02Z INF Kernel Info=5.15.41 Pid=5425
2024-12-02T14:36:02Z WRN Your environment is like a container. We won't be able to detect the BTF configuration.
If eCapture fails to run, try specifying the BTF mode. use `-b 2` to specify non-CORE mode.
2024-12-02T14:36:02Z INF BTF bytecode mode: CORE. btfMode=0
2024-12-02T14:36:02Z INF master key keylogger has been set. eBPFProgramType=Text keylogger=
2024-12-02T14:36:02Z INF module initialization. isReload=false moduleName=EBPFProbeOPENSSL
2024-12-02T14:36:02Z INF Module.Run()
2024-12-02T14:36:02Z INF listen=localhost:28256
2024-12-02T14:36:02Z INF https server starting...You can update the configuration file via the HTTP interface.
2024-12-02T14:36:02Z ERR OpenSSL/BoringSSL version check failed error="OpenSSL/BoringSSL version not found" soPath=/apex/com.android.conscrypt/lib64/libssl.so
2024-12-02T14:36:02Z INF setupManagers eBPFProgramType=Text
2024-12-02T14:36:02Z FTL module run failed. error="OpenSSL/BoringSSL version not found" isReload=false

after

emu64a:/data/local/tmp # ./ecapture tls                                                                                
2024-12-02T15:03:52Z INF AppName="eCapture(旁观者)"
2024-12-02T15:03:52Z INF HomePage=https://ecapture.cc
2024-12-02T15:03:52Z INF Repository=https://github.com/gojue/ecapture
2024-12-02T15:03:52Z INF Author="CFC4N <cfc4ncs@gmail.com>"
2024-12-02T15:03:52Z INF Description="Capturing SSL/TLS plaintext without a CA certificate using eBPF. Supported on Linux/Android kernels for amd64/arm64."
2024-12-02T15:03:52Z INF Version=androidgki_arm64:0.8.10-20241116-fcddaeb:5.15.0-125-generic
2024-12-02T15:03:52Z INF Listen=localhost:28256
2024-12-02T15:03:52Z INF eCapture running logs logger=
2024-12-02T15:03:52Z INF the file handler that receives the captured event eventCollector=
2024-12-02T15:03:52Z WRN ========== module starting. ==========
2024-12-02T15:03:52Z INF Kernel Info=5.15.41 Pid=6845
2024-12-02T15:03:52Z WRN Your environment is like a container. We won't be able to detect the BTF configuration.
If eCapture fails to run, try specifying the BTF mode. use `-b 2` to specify non-CORE mode.
2024-12-02T15:03:52Z INF BTF bytecode mode: CORE. btfMode=0
2024-12-02T15:03:52Z INF master key keylogger has been set. eBPFProgramType=Text keylogger=
2024-12-02T15:03:52Z INF listen=localhost:28256
2024-12-02T15:03:52Z INF https server starting...You can update the configuration file via the HTTP interface.
2024-12-02T15:03:52Z INF module initialization. isReload=false moduleName=EBPFProbeOPENSSL
2024-12-02T15:03:52Z INF Module.Run()
2024-12-02T15:03:52Z ERR bpfFile=boringssl_a_13_kern.o sslVersion=android_default
2024-12-02T15:03:52Z ERR OpenSSL/BoringSSL version not found, used default version.If you want to use the specific version, please set the sslVersion parameter with "--ssl_version='boringssl_a_13'" , "--ssl_version='boringssl_a_14'", or use "ecapture tls --help" for more help.
2024-12-02T15:03:52Z INF Hook masterKey function ElfType=2 Functions=["SSL_in_init"] binrayPath=/apex/com.android.conscrypt/lib64/libssl.so
2024-12-02T15:03:52Z INF target all process.
2024-12-02T15:03:52Z INF target all users.
2024-12-02T15:03:52Z INF setupManagers eBPFProgramType=Text
2024-12-02T15:03:52Z INF BPF bytecode file is matched. bpfFileName=user/bytecode/boringssl_a_13_kern_core.o
2024-12-02T15:03:52Z INF perfEventReader created mapSize(MB)=4
2024-12-02T15:03:52Z INF perfEventReader created mapSize(MB)=4
2024-12-02T15:03:52Z INF module started successfully. isReload=false moduleName=EBPFProbeOPENSSL
2024-12-02T15:04:01Z ??? UUID:844_6856_Thread-96_0_1_0.0.0.0, Name:HTTPRequest, Type:1, Length:212
GET /generate_204 HTTP/1.1
Host: www.google.com
Accept-Encoding: gzip
Connection: close
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.32 Safari/537.36


2024-12-02T15:04:01Z ??? UUID:844_6856_Thread-96_0_0_0.0.0.0, Name:HTTPResponse, Type:3, Length:184
HTTP/1.1 204 No Content
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Cross-Origin-Resource-Policy: cross-origin
Date: Mon, 02 Dec 2024 15:04:00 GMT


2024-12-02T15:04:04Z ??? UUID:844_7597_Thread-99_0_1_0.0.0.0, Name:HTTPRequest, Type:1, Length:212
GET /generate_204 HTTP/1.1
Host: www.google.com
Accept-Encoding: gzip
Connection: close
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.32 Safari/537.36


2024-12-02T15:04:05Z ??? UUID:844_7597_Thread-99_0_0_0.0.0.0, Name:HTTPResponse, Type:3, Length:184
HTTP/1.1 204 No Content
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Cross-Origin-Resource-Policy: cross-origin
Date: Mon, 02 Dec 2024 15:04:04 GMT


2024-12-02T15:04:06Z ??? UUID:844_7614_Thread-102_0_1_0.0.0.0, Name:HTTPRequest, Type:1, Length:212
GET /generate_204 HTTP/1.1
Host: www.google.com
Accept-Encoding: gzip
Connection: close
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.32 Safari/537.36


2024-12-02T15:04:06Z ??? UUID:844_7614_Thread-102_0_0_0.0.0.0, Name:HTTPResponse, Type:3, Length:184
HTTP/1.1 204 No Content
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Cross-Origin-Resource-Policy: cross-origin
Date: Mon, 02 Dec 2024 15:04:05 GMT


^C2024-12-02T15:04:07Z INF module close.
2024-12-02T15:04:07Z INF Module closed,message recived from Context
2024-12-02T15:04:08Z INF iModule module close
2024-12-02T15:04:08Z INF bye bye.
emu64a:/data/local/tmp # %                                                                                                ```

@cfc4n cfc4n merged commit 5cb2014 into master Dec 2, 2024
6 checks passed
@cfc4n cfc4n deleted the boringssl-version-not-found branch December 2, 2024 15:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
🐞 bug Something isn't working fix bug fix PR
Projects
None yet
Development

Successfully merging this pull request may close these issues.

OpenSSL/BoringSSL version not found
1 participant