fixed pattern for latest version of cronet; friTap can now be run as …

…a package or as a Job from AndroidFridaManager
fkie-cad · Nov 16, 2024 · 1ee1882 · 1ee1882
1 parent 74b319b
commit 1ee1882
Show file tree

Hide file tree

Showing 9 changed files with 69 additions and 39 deletions.
diff --git a/README.md b/README.md
@@ -3,7 +3,7 @@
 </p>
 
 # friTap
-![version](https://img.shields.io/badge/version-1.2.3.0-blue) [![PyPI version](https://d25lcipzij17d.cloudfront.net/badge.svg?id=py&r=r&ts=1683906897&type=6e&v=1.2.3.0&x2=0)](https://badge.fury.io/py/friTap)
+![version](https://img.shields.io/badge/version-1.2.3.5-blue) [![PyPI version](https://d25lcipzij17d.cloudfront.net/badge.svg?id=py&r=r&ts=1683906897&type=6e&v=1.2.3.5&x2=0)](https://badge.fury.io/py/friTap)
 
 The goal of this project is to help researchers to analyze traffic encapsulated in SSL or TLS. For details have a view into the [OSDFCon webinar slides](assets/friTapOSDFConwebinar.pdf) or in [this blog post](https://lolcads.github.io/posts/2022/08/fritap/).
 
@@ -152,6 +152,7 @@ fritap -do -v com.example.app
 - scapy (`python3 -m pip install scapy`)
 - watchdog (`python3 -m pip install watchdog`)
 - importlib.resources  (`python3 -m pip install importlib-resources`)
+- AndroidFridaManager (`python3 -m pip install AndroidFridaManager`)
 - for hooking on Android ensure that the `adb`-command is in your PATH
 
 ## Planned features
@@ -160,18 +161,17 @@ fritap -do -v com.example.app
   - integration with https://github.com/mitmproxy/mitmproxy
   - integration with http://portswigger.net/burp/
 - [ ] add wine support
-- [ ] add Flutter support
+- [x] <strike>add Flutter support</strike>
 - [ ] add further libraries (have a look at this [Wikipedia entry](https://en.wikipedia.org/wiki/Comparison_of_TLS_implementations)):
   - Botan (BSD license, Jack Lloyd)
   - LibreSSL (OpenBSD)
   - Cryptlib (Peter Gutmann)
   - JSSE (Java Secure Socket Extension, Oracle)
   - [MatrixSSL](https://github.com/matrixssl/matrixssl) 
   - ...
-- [ ] Working with static linked libraries
-- [ ] Add feature to prototype TLS-Read/Write/SSLKEY functions
+- [x] <strike>Working with static linked libraries</strike>
+- [x] <strike>Add feature to prototype TLS-Read/Write/SSLKEY functions</strike>
 - [ ] improve iOS/MacOS support (currently under development)
-- [x] <strike>provide friTap as PyPI package</strike>
 
 ## Contribute
 

diff --git a/agent/android/android_agent.ts b/agent/android/android_agent.ts
@@ -78,6 +78,8 @@ export function load_android_hooking_agent() {
     module_library_mapping[plattform_name] = [
         [/.*libssl_sb.so/, invokeHookingFunction(boring_execute)],
         [/.*libssl\.so/, invokeHookingFunction(boring_execute)],
+        [/libconscrypt_gmscore_jni.so/, invokeHookingFunction(boring_execute)], // inspired from https://github.com/PiRogueToolSuite/pirogue-cli/blob/debian-12/pirogue_cli/frida-scripts/log_ssl_keys.js#L55
+        [/ibconscrypt_jni.so/, invokeHookingFunction(boring_execute)],
         [/.*cronet.*\.so/, invokeHookingFunction(cronet_execute)],
         [/.*flutter.*\.so/, invokeHookingFunction(flutter_execute)],
         [/.*libgnutls\.so/, invokeHookingFunction(gnutls_execute)],

diff --git a/agent/android/cronet_android.ts b/agent/android/cronet_android.ts
@@ -23,8 +23,9 @@ export class Cronet_Android extends Cronet {
             },
             "arm64": {
                 primary: "3F 23 03 D5 FF C3 01 D1 FD 7B 04 A9 F6 57 05 A9 F4 4F 06 A9 FD 03 01 91 08 34 40 F9 08 11 41 F9 C8 07 00 B4", // Primary pattern
-                fallback: "3F 23 03 D5 FF 03 02 D1 FD 7B 04 A9 F7 2B 00 F9 F6 57 06 A9 F4 4F 07 A9 FD 03 01 91 08 34 40 F9 08 11 41 F9 E8 0F 00 B4"  // Fallback pattern
-            },
+                fallback: "3F 23 03 D5 FF 03 02 D1 FD 7B 04 A9 F7 2B 00 F9 F6 57 06 A9 F4 4F 07 A9 FD 03 01 91 08 34 40 F9 08 ?? 41 F9 E8 0F 00 B4"  // Fallback pattern
+            },  
+
             "arm": {
                 primary: "2D E9 F0 43 89 B0 04 46 40 6B D0 F8 2C 01 00 28 49 D0", // Primary pattern
                 fallback: "2D E9 F0 41 86 B0 04 46 40 6B D0 F8 30 01 00 28 53 D0"  // Fallback pattern

diff --git a/friTap/_ssl_log.js b/friTap/_ssl_log.js
@@ -1,8 +1,8 @@
 📦
 2860 /agent/ssl_log.js.map
 3711 /agent/ssl_log.js
-3036 /agent/android/android_agent.js.map
-3646 /agent/android/android_agent.js
+3136 /agent/android/android_agent.js.map
+3797 /agent/android/android_agent.js
 937 /agent/android/android_java_tls_libs.js.map
 1150 /agent/android/android_java_tls_libs.js
 4361 /agent/android/bouncycastle.js.map
@@ -221,7 +221,7 @@ function load_os_specific_agent() {
 }
 load_os_specific_agent();
 ✄
-{"version":3,"file":"android_agent.js","sourceRoot":"/Users/danielbaier/research/projects/github/issues/2024 fritap issues/friTap/","sources":["agent/android/android_agent.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,sBAAsB,EAAqB,MAAM,gCAAgC,CAAC;AAC3F,OAAO,EAAE,cAAc,EAAE,kBAAkB,EAAE,qBAAqB,EAAE,MAAM,+BAA+B,CAAC;AAC1G,OAAO,EAAE,GAAG,EAAE,MAAM,EAAE,MAAM,gBAAgB,CAAC;AAC7C,OAAO,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AACrD,OAAO,EAAE,eAAe,EAAE,MAAM,sBAAsB,CAAC;AACvD,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAC/C,OAAO,EAAE,eAAe,EAAE,MAAM,sBAAsB,CAAC;AACvD,OAAO,EAAE,cAAc,EAAE,MAAM,gCAAgC,CAAC;AAChE,OAAO,EAAE,YAAY,EAAC,MAAM,4BAA4B,CAAC;AACzD,OAAO,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AACrD,OAAO,EAAE,eAAe,EAAE,MAAM,sBAAsB,CAAC;AACvD,OAAO,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AACrD,OAAO,EAAE,iBAAiB,EAAE,MAAM,wBAAwB,CAAC;AAE3D,IAAI,cAAc,GAAG,OAAO,CAAC;AAC7B,IAAI,WAAW,GAAkB,cAAc,EAAE,CAAC;AACjD,MAAc,CAAC,SAAS,GAAG,EAAE,CAAC;AAE/B,MAAM,CAAC,MAAM,cAAc,GAAG,MAAM,CAAA;AAEpC,SAAS,kBAAkB;IACvB,YAAY,EAAE,CAAC;AACnB,CAAC;AAED,SAAS,2BAA2B,CAAC,sBAA0E,EAAE,YAAqB;IAClI,IAAI;QACJ,MAAM,WAAW,GAAG,eAAe,CAAA;QACnC,MAAM,KAAK,GAAG,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAA;QACrE,IAAI,KAAK,KAAK,SAAS,EAAC;YACpB,MAAM,mCAAmC,CAAA;SAC5C;QAED,IAAI,UAAU,GAAG,OAAO,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC,gBAAgB,EAAE,CAAA;QAClE,IAAI,MAAM,GAAG,QAAQ,CAAA;QACrB,KAAK,IAAI,EAAE,IAAI,UAAU,EAAE;YACvB,IAAI,EAAE,CAAC,IAAI,KAAK,oBAAoB,EAAE;gBAClC,MAAM,GAAG,oBAAoB,CAAA;gBAC7B,MAAK;aACR;SACJ;QAGD,WAAW,CAAC,MAAM,CAAC,MAAM,CAAC,eAAe,CAAC,KAAK,EAAE,MAAM,CAAC,EAAE;YACtD,OAAO,EAAE,UAAU,IAAI;gBACnB,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,CAAA;YAC3C,CAAC;YACD,OAAO,EAAE,UAAU,MAAW;gBAC1B,IAAI,IAAI,CAAC,UAAU,IAAI,SAAS,EAAE;oBAC9B,KAAI,IAAI,GAAG,IAAI,sBAAsB,CAAC,cAAc,CAAC,EAAC;wBAClD,IAAI,KAAK,GAAG,GAAG,CAAC,CAAC,CAAC,CAAA;wBAClB,IAAI,IAAI,GAAG,GAAG,CAAC,CAAC,CAAC,CAAA;wBACjB,IAAI,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,EAAC;4BAC5B,GAAG,CAAC,GAAG,IAAI,CAAC,UAAU,0CAA0C,CAAC,CAAA;4BACjE,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,YAAY,CAAC,CAAA;yBACtC;qBAEJ;iBACJ;YACL,CAAC;SAGJ,CAAC,CAAA;QAEF,OAAO,CAAC,GAAG,CAAC,oCAAoC,CAAC,CAAA;KACpD;IAAC,OAAO,KAAK,EAAE;QACZ,MAAM,CAAC,wBAAwB,GAAE,KAAK,CAAC,CAAA;QACvC,GAAG,CAAC,mDAAmD,CAAC,CAAA;KAC3D;AACD,CAAC;AAED,SAAS,4BAA4B,CAAC,sBAA0E,EAAE,YAAqB;IACnI,kBAAkB,CAAC,cAAc,EAAE,sBAAsB,EAAC,WAAW,EAAC,SAAS,EAAC,YAAY,CAAC,CAAA;AAEjG,CAAC;AAGD,MAAM,UAAU,0BAA0B;IACtC,sBAAsB,CAAC,cAAc,CAAC,GAAG;QACrC,CAAC,gBAAgB,EAAE,qBAAqB,CAAC,cAAc,CAAC,CAAC;QACzD,CAAC,cAAc,EAAE,qBAAqB,CAAC,cAAc,CAAC,CAAC;QACvD,CAAC,gBAAgB,EAAE,qBAAqB,CAAC,cAAc,CAAC,CAAC;QACzD,CAAC,iBAAiB,EAAE,qBAAqB,CAAC,eAAe,CAAC,CAAC;QAC3D,CAAC,iBAAiB,EAAE,qBAAqB,CAAC,cAAc,CAAC,CAAC;QAC1D,CAAC,kBAAkB,EAAE,qBAAqB,CAAC,eAAe,CAAC,CAAC;QAC5D,CAAC,qBAAqB,EAAC,qBAAqB,CAAC,WAAW,CAAC,CAAC;QAC1D,CAAC,kBAAkB,EAAE,qBAAqB,CAAC,eAAe,CAAC,CAAC;QAC5D,CAAC,aAAa,EAAE,qBAAqB,CAAC,cAAc,CAAC,CAAC;QACtD,CAAC,mBAAmB,EAAE,qBAAqB,CAAC,iBAAiB,CAAC,CAAC;KAAC,CAAC;IAErE,kBAAkB,EAAE,CAAC;IACrB,4BAA4B,CAAC,sBAAsB,EAAE,IAAI,CAAC,CAAC;IAC3D,2BAA2B,CAAC,sBAAsB,EAAE,KAAK,CAAC,CAAC;AAC/D,CAAC"}
+{"version":3,"file":"android_agent.js","sourceRoot":"/Users/danielbaier/research/projects/github/issues/2024 fritap issues/friTap/","sources":["agent/android/android_agent.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,sBAAsB,EAAqB,MAAM,gCAAgC,CAAC;AAC3F,OAAO,EAAE,cAAc,EAAE,kBAAkB,EAAE,qBAAqB,EAAE,MAAM,+BAA+B,CAAC;AAC1G,OAAO,EAAE,GAAG,EAAE,MAAM,EAAE,MAAM,gBAAgB,CAAC;AAC7C,OAAO,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AACrD,OAAO,EAAE,eAAe,EAAE,MAAM,sBAAsB,CAAC;AACvD,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAC/C,OAAO,EAAE,eAAe,EAAE,MAAM,sBAAsB,CAAC;AACvD,OAAO,EAAE,cAAc,EAAE,MAAM,gCAAgC,CAAC;AAChE,OAAO,EAAE,YAAY,EAAC,MAAM,4BAA4B,CAAC;AACzD,OAAO,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AACrD,OAAO,EAAE,eAAe,EAAE,MAAM,sBAAsB,CAAC;AACvD,OAAO,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AACrD,OAAO,EAAE,iBAAiB,EAAE,MAAM,wBAAwB,CAAC;AAE3D,IAAI,cAAc,GAAG,OAAO,CAAC;AAC7B,IAAI,WAAW,GAAkB,cAAc,EAAE,CAAC;AACjD,MAAc,CAAC,SAAS,GAAG,EAAE,CAAC;AAE/B,MAAM,CAAC,MAAM,cAAc,GAAG,MAAM,CAAA;AAEpC,SAAS,kBAAkB;IACvB,YAAY,EAAE,CAAC;AACnB,CAAC;AAED,SAAS,2BAA2B,CAAC,sBAA0E,EAAE,YAAqB;IAClI,IAAI;QACJ,MAAM,WAAW,GAAG,eAAe,CAAA;QACnC,MAAM,KAAK,GAAG,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAA;QACrE,IAAI,KAAK,KAAK,SAAS,EAAC;YACpB,MAAM,mCAAmC,CAAA;SAC5C;QAED,IAAI,UAAU,GAAG,OAAO,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC,gBAAgB,EAAE,CAAA;QAClE,IAAI,MAAM,GAAG,QAAQ,CAAA;QACrB,KAAK,IAAI,EAAE,IAAI,UAAU,EAAE;YACvB,IAAI,EAAE,CAAC,IAAI,KAAK,oBAAoB,EAAE;gBAClC,MAAM,GAAG,oBAAoB,CAAA;gBAC7B,MAAK;aACR;SACJ;QAGD,WAAW,CAAC,MAAM,CAAC,MAAM,CAAC,eAAe,CAAC,KAAK,EAAE,MAAM,CAAC,EAAE;YACtD,OAAO,EAAE,UAAU,IAAI;gBACnB,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,CAAA;YAC3C,CAAC;YACD,OAAO,EAAE,UAAU,MAAW;gBAC1B,IAAI,IAAI,CAAC,UAAU,IAAI,SAAS,EAAE;oBAC9B,KAAI,IAAI,GAAG,IAAI,sBAAsB,CAAC,cAAc,CAAC,EAAC;wBAClD,IAAI,KAAK,GAAG,GAAG,CAAC,CAAC,CAAC,CAAA;wBAClB,IAAI,IAAI,GAAG,GAAG,CAAC,CAAC,CAAC,CAAA;wBACjB,IAAI,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,EAAC;4BAC5B,GAAG,CAAC,GAAG,IAAI,CAAC,UAAU,0CAA0C,CAAC,CAAA;4BACjE,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,YAAY,CAAC,CAAA;yBACtC;qBAEJ;iBACJ;YACL,CAAC;SAGJ,CAAC,CAAA;QAEF,OAAO,CAAC,GAAG,CAAC,oCAAoC,CAAC,CAAA;KACpD;IAAC,OAAO,KAAK,EAAE;QACZ,MAAM,CAAC,wBAAwB,GAAE,KAAK,CAAC,CAAA;QACvC,GAAG,CAAC,mDAAmD,CAAC,CAAA;KAC3D;AACD,CAAC;AAED,SAAS,4BAA4B,CAAC,sBAA0E,EAAE,YAAqB;IACnI,kBAAkB,CAAC,cAAc,EAAE,sBAAsB,EAAC,WAAW,EAAC,SAAS,EAAC,YAAY,CAAC,CAAA;AAEjG,CAAC;AAGD,MAAM,UAAU,0BAA0B;IACtC,sBAAsB,CAAC,cAAc,CAAC,GAAG;QACrC,CAAC,gBAAgB,EAAE,qBAAqB,CAAC,cAAc,CAAC,CAAC;QACzD,CAAC,cAAc,EAAE,qBAAqB,CAAC,cAAc,CAAC,CAAC;QACvD,CAAC,6BAA6B,EAAE,qBAAqB,CAAC,cAAc,CAAC,CAAC;QACtE,CAAC,oBAAoB,EAAE,qBAAqB,CAAC,cAAc,CAAC,CAAC;QAC7D,CAAC,gBAAgB,EAAE,qBAAqB,CAAC,cAAc,CAAC,CAAC;QACzD,CAAC,iBAAiB,EAAE,qBAAqB,CAAC,eAAe,CAAC,CAAC;QAC3D,CAAC,iBAAiB,EAAE,qBAAqB,CAAC,cAAc,CAAC,CAAC;QAC1D,CAAC,kBAAkB,EAAE,qBAAqB,CAAC,eAAe,CAAC,CAAC;QAC5D,CAAC,qBAAqB,EAAC,qBAAqB,CAAC,WAAW,CAAC,CAAC;QAC1D,CAAC,kBAAkB,EAAE,qBAAqB,CAAC,eAAe,CAAC,CAAC;QAC5D,CAAC,aAAa,EAAE,qBAAqB,CAAC,cAAc,CAAC,CAAC;QACtD,CAAC,mBAAmB,EAAE,qBAAqB,CAAC,iBAAiB,CAAC,CAAC;KAAC,CAAC;IAErE,kBAAkB,EAAE,CAAC;IACrB,4BAA4B,CAAC,sBAAsB,EAAE,IAAI,CAAC,CAAC;IAC3D,2BAA2B,CAAC,sBAAsB,EAAE,KAAK,CAAC,CAAC;AAC/D,CAAC"}
 ✄
 import { module_library_mapping } from "../shared/shared_structures.js";
 import { getModuleNames, ssl_library_loader, invokeHookingFunction } from "../shared/shared_functions.js";
@@ -289,6 +289,8 @@ export function load_android_hooking_agent() {
     module_library_mapping[plattform_name] = [
         [/.*libssl_sb.so/, invokeHookingFunction(boring_execute)],
         [/.*libssl\.so/, invokeHookingFunction(boring_execute)],
+        [/libconscrypt_gmscore_jni.so/, invokeHookingFunction(boring_execute)],
+        [/ibconscrypt_jni.so/, invokeHookingFunction(boring_execute)],
         [/.*cronet.*\.so/, invokeHookingFunction(cronet_execute)],
         [/.*flutter.*\.so/, invokeHookingFunction(flutter_execute)],
         [/.*libgnutls\.so/, invokeHookingFunction(gnutls_execute)],
@@ -555,7 +557,7 @@ export function execute() {
     });
 }
 ✄
-{"version":3,"file":"cronet_android.js","sourceRoot":"/Users/danielbaier/research/projects/github/issues/2024 fritap issues/friTap/","sources":["agent/android/cronet_android.ts"],"names":[],"mappings":"AACA,OAAO,EAAC,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAC7C,OAAO,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AACpD,OAAO,EAAC,mBAAmB,EAAE,wBAAwB,EAAE,MAAM,oCAAoC,CAAC;AAClG,OAAO,EAAE,QAAQ,EAAE,iBAAiB,EAAE,MAAM,eAAe,CAAA;AAC3D,OAAO,EAAE,MAAM,EAAE,MAAM,gBAAgB,CAAC;AAGxC,MAAM,OAAO,cAAe,SAAQ,MAAM;IAGtC,YAAmB,UAAiB,EAAS,cAAqB,EAAE,YAAqB;QACrF,KAAK,CAAC,UAAU,EAAC,cAAc,EAAC,YAAY,CAAC,CAAC;QAD/B,eAAU,GAAV,UAAU,CAAO;QAAS,mBAAc,GAAd,cAAc,CAAO;QAG9D,IAAI,CAAC,eAAe,GAAG;YACnB,KAAK,EAAE;gBACH,OAAO,EAAE,iGAAiG;gBAC1G,QAAQ,EAAE,+EAA+E,CAAC,mBAAmB;aAChH;YACD,KAAK,EAAE;gBACH,OAAO,EAAE,+EAA+E;gBACxF,QAAQ,EAAE,sEAAsE,CAAC,mBAAmB;aACvG;YACD,OAAO,EAAE;gBACL,OAAO,EAAE,6GAA6G;gBACtH,QAAQ,EAAE,yHAAyH,CAAE,mBAAmB;aAC3J;YACD,KAAK,EAAE;gBACH,OAAO,EAAE,uDAAuD;gBAChE,QAAQ,EAAE,uDAAuD,CAAE,mBAAmB;aACzF;SACJ,CAAC;IACN,CAAC;IAKD,2BAA2B;QACvB,MAAM,YAAY,GAAG,OAAO,CAAC,gBAAgB,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QAChE,MAAM,MAAM,GAAG,IAAI,mBAAmB,CAAC,YAAY,CAAC,CAAC;QAErD,IAAI,iBAAiB,EAAE,EAAC;YACpB,MAAM,CAAC,wDAAwD,CAAC,CAAC;YACjE,MAAM,CAAC,aAAa,CAAC,IAAI,CAAC,WAAW,EAAC,cAAc,EAAC,QAAQ,EAAC,CAAC,IAAW,EAAE,EAAE;gBAC1E,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAE,4BAA4B;YAC3E,CAAC,CAAC,CAAC;SACN;aAAI;YACD,sFAAsF;YACtF,MAAM,CAAC,mBAAmB,CACtB,wBAAwB,CAAC,IAAI,CAAC,eAAe,CAAC,EAC9C,CAAC,IAAI,EAAE,EAAE;gBACL,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAE,+BAA+B;YAC9E,CAAC,CACJ,CAAC;SACL;IAEL,CAAC;IAED,aAAa;QACT,IAAI,CAAC,2BAA2B,EAAE,CAAC;IACvC,CAAC;CAEJ;AAGD,MAAM,UAAU,cAAc,CAAC,UAAiB,EAAE,YAAqB;IACnE,IAAI,MAAM,GAAG,IAAI,cAAc,CAAC,UAAU,EAAC,cAAc,EAAC,YAAY,CAAC,CAAC;IACxE,IAAI;QACA,MAAM,CAAC,aAAa,EAAE,CAAC;KAC1B;IAAA,OAAM,SAAS,EAAC;QACb,MAAM,CAAC,yBAAyB,SAAS,EAAE,CAAC,CAAA;KAC/C;IAED,IAAI,YAAY,EAAE;QACd,IAAI;YACA,MAAM,cAAc,GAAG,MAAM,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;YACpD,wDAAwD;YACxD,IAAI,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE;gBACvC,MAAc,CAAC,cAAc,CAAC,UAAU,CAAC,GAAG,cAAc,CAAC;aAC/D;SACJ;QAAA,OAAM,SAAS,EAAC;YACb,MAAM,CAAC,mCAAmC,SAAS,EAAE,CAAC,CAAA;SACzD;KACJ;AAEL,CAAC"}
+{"version":3,"file":"cronet_android.js","sourceRoot":"/Users/danielbaier/research/projects/github/issues/2024 fritap issues/friTap/","sources":["agent/android/cronet_android.ts"],"names":[],"mappings":"AACA,OAAO,EAAC,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAC7C,OAAO,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AACpD,OAAO,EAAC,mBAAmB,EAAE,wBAAwB,EAAE,MAAM,oCAAoC,CAAC;AAClG,OAAO,EAAE,QAAQ,EAAE,iBAAiB,EAAE,MAAM,eAAe,CAAA;AAC3D,OAAO,EAAE,MAAM,EAAE,MAAM,gBAAgB,CAAC;AAGxC,MAAM,OAAO,cAAe,SAAQ,MAAM;IAGtC,YAAmB,UAAiB,EAAS,cAAqB,EAAE,YAAqB;QACrF,KAAK,CAAC,UAAU,EAAC,cAAc,EAAC,YAAY,CAAC,CAAC;QAD/B,eAAU,GAAV,UAAU,CAAO;QAAS,mBAAc,GAAd,cAAc,CAAO;QAG9D,IAAI,CAAC,eAAe,GAAG;YACnB,KAAK,EAAE;gBACH,OAAO,EAAE,iGAAiG;gBAC1G,QAAQ,EAAE,+EAA+E,CAAC,mBAAmB;aAChH;YACD,KAAK,EAAE;gBACH,OAAO,EAAE,+EAA+E;gBACxF,QAAQ,EAAE,sEAAsE,CAAC,mBAAmB;aACvG;YACD,OAAO,EAAE;gBACL,OAAO,EAAE,6GAA6G;gBACtH,QAAQ,EAAE,yHAAyH,CAAE,mBAAmB;aAC3J;YAED,KAAK,EAAE;gBACH,OAAO,EAAE,uDAAuD;gBAChE,QAAQ,EAAE,uDAAuD,CAAE,mBAAmB;aACzF;SACJ,CAAC;IACN,CAAC;IAKD,2BAA2B;QACvB,MAAM,YAAY,GAAG,OAAO,CAAC,gBAAgB,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QAChE,MAAM,MAAM,GAAG,IAAI,mBAAmB,CAAC,YAAY,CAAC,CAAC;QAErD,IAAI,iBAAiB,EAAE,EAAC;YACpB,MAAM,CAAC,wDAAwD,CAAC,CAAC;YACjE,MAAM,CAAC,aAAa,CAAC,IAAI,CAAC,WAAW,EAAC,cAAc,EAAC,QAAQ,EAAC,CAAC,IAAW,EAAE,EAAE;gBAC1E,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAE,4BAA4B;YAC3E,CAAC,CAAC,CAAC;SACN;aAAI;YACD,sFAAsF;YACtF,MAAM,CAAC,mBAAmB,CACtB,wBAAwB,CAAC,IAAI,CAAC,eAAe,CAAC,EAC9C,CAAC,IAAI,EAAE,EAAE;gBACL,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAE,+BAA+B;YAC9E,CAAC,CACJ,CAAC;SACL;IAEL,CAAC;IAED,aAAa;QACT,IAAI,CAAC,2BAA2B,EAAE,CAAC;IACvC,CAAC;CAEJ;AAGD,MAAM,UAAU,cAAc,CAAC,UAAiB,EAAE,YAAqB;IACnE,IAAI,MAAM,GAAG,IAAI,cAAc,CAAC,UAAU,EAAC,cAAc,EAAC,YAAY,CAAC,CAAC;IACxE,IAAI;QACA,MAAM,CAAC,aAAa,EAAE,CAAC;KAC1B;IAAA,OAAM,SAAS,EAAC;QACb,MAAM,CAAC,yBAAyB,SAAS,EAAE,CAAC,CAAA;KAC/C;IAED,IAAI,YAAY,EAAE;QACd,IAAI;YACA,MAAM,cAAc,GAAG,MAAM,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;YACpD,wDAAwD;YACxD,IAAI,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE;gBACvC,MAAc,CAAC,cAAc,CAAC,UAAU,CAAC,GAAG,cAAc,CAAC;aAC/D;SACJ;QAAA,OAAM,SAAS,EAAC;YACb,MAAM,CAAC,mCAAmC,SAAS,EAAE,CAAC,CAAA;SACzD;KACJ;AAEL,CAAC"}
 ✄
 import { Cronet } from "../ssl_lib/cronet.js";
 import { socket_library } from "./android_agent.js";
@@ -578,7 +580,7 @@ export class Cronet_Android extends Cronet {
             },
             "arm64": {
                 primary: "3F 23 03 D5 FF C3 01 D1 FD 7B 04 A9 F6 57 05 A9 F4 4F 06 A9 FD 03 01 91 08 34 40 F9 08 11 41 F9 C8 07 00 B4",
-                fallback: "3F 23 03 D5 FF 03 02 D1 FD 7B 04 A9 F7 2B 00 F9 F6 57 06 A9 F4 4F 07 A9 FD 03 01 91 08 34 40 F9 08 11 41 F9 E8 0F 00 B4" // Fallback pattern
+                fallback: "3F 23 03 D5 FF 03 02 D1 FD 7B 04 A9 F7 2B 00 F9 F6 57 06 A9 F4 4F 07 A9 FD 03 01 91 08 34 40 F9 08 ?? 41 F9 E8 0F 00 B4" // Fallback pattern
             },
             "arm": {
                 primary: "2D E9 F0 43 89 B0 04 46 40 6B D0 F8 2C 01 00 28 49 D0",

diff --git a/friTap/about.py b/friTap/about.py
@@ -2,5 +2,5 @@
 # -*- coding: utf-8 -*-
 
 __author__ = "Daniel Baier, Francois Egner, Max Ufer"
-__version__ = "1.2.3.0"
+__version__ = "1.2.3.6"
 debug = False # are we running in debug mode?
diff --git a/friTap/friTap.py b/friTap/friTap.py
@@ -122,7 +122,8 @@ def main():
         ssl_log = SSL_Logger(parsed.exec, parsed.pcap, parsed.verbose,
                 parsed.spawn, parsed.keylog, parsed.enable_spawn_gating, parsed.mobile, parsed.live, parsed.environment, parsed.debug, parsed.full_capture, parsed.socket_tracing, parsed.host, parsed.offsets, parsed.debugoutput, parsed.experimental, parsed.anti_root, parsed.payload_modification, parsed.enable_default_fd, parsed.patterns)
 
-        process = ssl_log.start_fritap_session()      
+        process = ssl_log.start_fritap_session()  
+
         sys.stdin.read()
     except frida.TransportError as fe:
         print(f"[-] Problems while attaching to frida-server: {fe}")