Skip to content

Releases: gojue/ecapture

eCapture v0.4.8

05 Nov 13:39
@github-actions github-actions
v0.4.8
078f180
This commit was signed with the committer’s verified signature.
cfc4n CFC4N
GPG key ID: 9E230A4A9C871244
Learn about vigilant mode.
Compare
Choose a tag to compare
eCapture v0.4.8

Breaking Changes

  1. Changed license to Apache License 2.0 from AGPL 3.0.
  2. Supported versions of openssl are 1.1.0* , 1.0.2* .
  3. Supported minimum version of Clang is 9.0.
  4. Added GitHub release action of Android X86_64 binaries(default: non co-re version).

What's Changed

  • user : Tolower openssl version strings. by @cfc4n in #250
  • cli : remove other modules on android. by @cfc4n in #251
  • utils: add eCapture lua script for wireshark plugin. by @cfc4n in #248
  • feat: updated new openssl version by @cfc4n in #255
  • feat : support openssl 1.1.0* and 1.0.2* by @cfc4n in #257
  • fix: Build failed on clang10 (#256) by @cfc4n in #258
  • docs : Change license to Apache License 2.0 by @cfc4n in #259
  • workflows : release Android x86_64 use nocore model. by @cfc4n in #260

Full Changelog: v0.4.7...v0.4.8

Contributors

cfc4n
Assets 8
Loading

eCapture v0.4.7

23 Oct 14:34
@github-actions github-actions
v0.4.7
79133c7
This commit was signed with the committer’s verified signature.
cfc4n CFC4N
GPG key ID: 9E230A4A9C871244
Learn about vigilant mode.
Compare
Choose a tag to compare
eCapture v0.4.7

Breaking Changes

add --ssl_version flag to set the SSL library version
supported ssl libraries version lists:

  • openssl 1.1.1* , (1.1.1a - 1.1.1r)
  • openssl 3.0.* , (3.0.0 - 3.0.6)
  • boringssl 1.1.1
ecapture tls
ecapture tls --hex --pid=3423
ecapture tls -l save.log --pid=3423
ecapture tls --libssl=/lib/x86_64-linux-gnu/libssl.so.1.1
ecapture tls -w save_3_0_5.pcapng --ssl_version="openssl 3.0.5" --libssl=/lib/x86_64-linux-gnu/libssl.so.3 
ecapture tls -w save_android.pcapng -i wlan0 --libssl=/apex/com.android.conscrypt/lib64/libssl.so --ssl_version="boringssl 1.1.1" --port 443

What's Changed

Full Changelog: v0.4.6...v0.4.7

Contributors

cfc4n and blaisewang
Assets 7
Loading

eCapture v0.4.6

15 Oct 10:22
@github-actions github-actions
v0.4.6
dc5200e
This commit was signed with the committer’s verified signature.
cfc4n CFC4N
GPG key ID: 9E230A4A9C871244
Learn about vigilant mode.
Compare
Choose a tag to compare
eCapture v0.4.6

What's Changed

  • user/module : compatiable Linux kernel less or more than 5.2 by @cfc4n in #238

Full Changelog: v0.4.5...v0.4.6

Contributors

cfc4n
Assets 7
Loading

eCapture v0.4.5

10 Oct 13:09
@github-actions github-actions
v0.4.5
5019952
This commit was signed with the committer’s verified signature.
cfc4n CFC4N
GPG key ID: 9E230A4A9C871244
Learn about vigilant mode.
Compare
Choose a tag to compare
eCapture v0.4.5

What's Changed

  • kern: capture master secrets for tls 1.3 by @cfc4n in #232

Full Changelog: v0.4.4...v0.4.5

Contributors

cfc4n
Assets 7
Loading

eCapture v0.4.4

03 Oct 14:48
@github-actions github-actions
v0.4.4
dfd72f5
This commit was signed with the committer’s verified signature.
cfc4n CFC4N
GPG key ID: 9E230A4A9C871244
Learn about vigilant mode.
Compare
Choose a tag to compare
eCapture v0.4.4

What's Changed

New Contributors

Full Changelog: v0.4.3...v0.4.4

Contributors

cfc4n, blaisewang, and allcontributors
Assets 7
Loading

eCapture v0.4.3

09 Sep 11:56
@github-actions github-actions
v0.4.3
1edb73e
This commit was signed with the committer’s verified signature.
cfc4n CFC4N
GPG key ID: 9E230A4A9C871244
Learn about vigilant mode.
Compare
Choose a tag to compare
eCapture v0.4.3

What's Changed

  • fix: use cipher id to derive secret by @blaisewang in #192
  • kern: get ssl_session in the *SSL_get_session() order . by @cfc4n in #193

Full Changelog: v0.4.2...v0.4.3

Warning

ecapture-v0.4.3-android-aarch64_nocore.tar.gz build on kernel 5.4 .using it means binary compatibility for can't be guaranteed.

Contributors

cfc4n and blaisewang
Assets 7
Loading

eCapture v0.4.2 release (Linux x86_64/aarch64, Android kernel 5.5+).

04 Sep 12:42
@github-actions github-actions
v0.4.2
3f2263c
This commit was signed with the committer’s verified signature.
cfc4n CFC4N
GPG key ID: 9E230A4A9C871244
Learn about vigilant mode.
Compare
Choose a tag to compare
eCapture v0.4.2 release (Linux x86_64/aarch64, Android kernel 5.5+).

What's Changed

Full Changelog: v0.4.1...v0.4.2

Contributors

cfc4n and blaisewang
Assets 6
Loading

eCapture v0.4.1 release (Linux x86_64/aarch64, Android kernel 5.5+).

21 Aug 16:05
@github-actions github-actions
v0.4.1
c6ff9aa
This commit was signed with the committer’s verified signature.
cfc4n CFC4N
GPG key ID: 9E230A4A9C871244
Learn about vigilant mode.
Compare
Choose a tag to compare
eCapture v0.4.1 release (Linux x86_64/aarch64, Android kernel 5.5+).

What's Changed

  • kern : define variable target_port always. by @cfc4n in #157
  • workflows : build nocore version for Android default. by @cfc4n in #159
  • pkg : Ifname default value. by @cfc4n in #161
  • user : skip loopback network interface by @cfc4n in #163
  • user : tls models exit gracefully. by @cfc4n in #165
  • git: ignore .check* files by @blaisewang in #168
  • pkg : fix config file parse failed, when as gzip format. by @cfc4n in #169
  • fix gzip read err by @4ft35t in #175
  • pkg/util/ebpf : add unit testing for kernel CONFIG reader by @cfc4n in #176
  • user : fix incorrect TimeStamp by @cfc4n in #179
  • cli/cmd : print version info by @cfc4n in #177
  • kern : support boringssl offset for Android 12. by @cfc4n in #181

New Contributors

Full Changelog: v0.4.0...v0.4.1

Contributors

cfc4n, 4ft35t, and blaisewang
Assets 7
Loading

eCapture v0.4.0 release (Linux x86_64/aarch64, Android kernel 5.5+).

07 Aug 10:53
@github-actions github-actions
v0.4.0
b28ab31
This commit was signed with the committer’s verified signature.
cfc4n CFC4N
GPG key ID: 9E230A4A9C871244
Learn about vigilant mode.
Compare
Choose a tag to compare
eCapture v0.4.0 release (Linux x86_64/aarch64, Android kernel 5.5+).

Note

Support Wireshark to open directly. Do not need to setting up Master Secrets files.

Capture raw packet by Traffic Control eBPF filter. Added Master Secrets information into pcapng
with Decryption Secrets Block (DSB).

Warning

change loggerFile flag as -l from -w , because -w is reserved for Wireshark, and keep same as -w
for tcpdump. use ecapture -h for help.
change master secrets filename from ecapture_masterkey_[pid].log to ecapture_masterkey.log.

What's Changed

  • new feature: capture TLS 1.3 master secret by @cfc4n in #143
  • user : echo String() or StringHex() by CLI argument. by @cfc4n in #149
  • cli/cmd : clean up all probe while process exit. (#150) by @cfc4n in #151
  • save as Pcapng files #145 by @cfc4n in #148
  • user : Support writing pcapng files with Decryption Secrets Block (DSB). by @cfc4n in #153

Full Changelog: v0.3.0...v0.4.0

Contributors

cfc4n
Assets 6
Loading

eCapture v0.3.0 release (Linux x86_64/aarch64, Android kernel 5.5+).

20 Jul 15:40
@github-actions github-actions
v0.3.0
d9f115b
This commit was signed with the committer’s verified signature.
cfc4n CFC4N
GPG key ID: 9E230A4A9C871244
Learn about vigilant mode.
Compare
Choose a tag to compare
eCapture v0.3.0 release (Linux x86_64/aarch64, Android kernel 5.5+).

Breaking Changes

Capture TLS master_key ,save to file. Support openssl 1.1.1.X . TLS 1.2 .

Quick Guide:

  • use ecapture to capture TLS master_key, will save master secret to ecapture_masterkey_[pid].log.
  • use tcpdump to capture and save packets to xxx.pcapng file.
  • open xxx.pcapng file with wireshark.
  • Setting : Wireshark --> Preferences --> Protocols --> TLS --> (Pre)-Master-Secret log filename, select ecapture_masterkey_[pid].log.
  • Using : right click packet item, select follow -> HTTP Stream / HTTP/2 Stream

What's Changed

  • all : refactor event_processor EventType. by @cfc4n in #134
  • fixed #138 : You have an error in your yaml syntax on line 79 by @cfc4n in #139
  • New feature: capture openssl masterkey #27 by @cfc4n in #140

Full Changelog: v0.2.2...v0.3.0

Contributors

cfc4n
Assets 6
Loading