
Solved Help with network traffic tampering/analysis.

  • Thread starter TheRealJu4n
TheRealJu4n

I would like to know if there's anybody around here who has any experience with the analysis and tampering of the network traffic between an Android device running the iFruit app and the game servers. There's not much available online on the topic except a few posts from a crew who played a bit with it on Windows using "Charles Proxy" ages ago. I spent some time with the thing before concentrating on the casino and made some progress I'm willing to share. Because of the limitations of smartphone apps compared with PS4 apps, this is a weaker spot to hit if you are into car modding, which I'm not.
 
SuckmyNONgodmodeD

Few posts? That's a 300-odd-page thread with an information-loaded OP. On the last few pages there's discussion on how to get around the now R*-enabled SSL encryption between the app and their servers.
iFruit for PC was retired over a year ago. It doesn't communicate with the servers anymore. We only have Android and iPhone apps now.
 
TheRealJu4n

When inspecting/tampering with Android network traffic I always used Linux as the router/firewall. I never inspected/tampered with iPhone or PC traffic, so don't ask; I don't know sheet.

Handling an Android device and the multiple Linux command line consoles is messy; that is why I used the free virtualization software VirtualBox and Android-x86, a free version of Android for PC.

The sniffers I used were in two categories: passive sniffers, which can only "watch" traffic, and active sniffers, which you can manipulate the traffic with. I am not giving away the tools of my trade here, only one of them, the most basic one: it is included by default in most Linux distributions and its name is "tcpdump".

Advanced Windows users can do exactly the same: there is VirtualBox for Windows, and passive/active sniffers are available. If you try the Windows way and fail in the setup of the Android VirtualBox machine, you can use BlueStacks instead.

If all you want is basic manipulation of non-encrypted outgoing network traffic to a single TCP port, then installing an active sniffer and dealing with a new scripting language for the filter is overkill; use "netsed" instead.

In addition to the network attack vector, the iFruit app is also very vulnerable and can be manipulated itself by extracting the APK file to a Linux machine, "decompiling" the app with ApkTool and friends, then manipulating the files and "recompiling" the APK again to create your own custom iFruit app.

I didn't tamper with the iFruit traffic; all my tests were made using an Android videogame which also connected to an internet server. I have a 5-year-old proof-of-concept video somewhere. And for the decompiling and modification of Android apps I didn't use iFruit either; my tests were with an Android IRC app, where I needed to modify timeout parameters.
 
SuckmyNONgodmodeD

So what exactly is it you were asking? The only reason to tamper with iFruit traffic is to access unobtainable items (Yankton plate, green or crystal tint, patriot smoke) or mod vehicles which don't show up as a moddable vehicle in the app. It USED to allow for buying mods you hadn't unlocked by rank yet or profanity plates, but that is blocked server side now.

All you need for this is Charles, and you can edit the order in full; all the instructions for that are on the thread you linked. If you wish to use more advanced tools to do what can easily be done with a Windows PC and Android phone, that's entirely up to you. For such an advanced user though, I'm surprised you end up asking questions like what's the fastest way to get rid of dupes without selling them :thumbsdown:
 
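The server-side blocking mentioned in the post above, sketched as an added example (not code from this thread or from the game's servers): the order is checked against server-held state instead of trusting what the client sent, so an edited request is rejected. All item ids, ranks, vehicle names, field names and the blocklist are constructed for illustration.

```python
# Added illustration: server-side validation of a client-submitted order.
# Every name and value below is constructed; none comes from the real service.
from dataclasses import dataclass

# Server-held catalogue: item id -> (rank required, purchasable through the app)
CATALOGUE = {
    "tint_black": (1, True),
    "tint_chrome": (50, True),
    "tint_event_only": (0, False),  # exists in game, never sold to clients
}
MODDABLE_VEHICLES = {"sedan_a", "coupe_b"}
PLATE_BLOCKLIST = {"BADWORD"}  # placeholder standing in for a profanity list
PLATE_MAX_LEN = 8


@dataclass
class Account:
    rank: int
    owned_vehicles: frozenset


def validate_order(account, order):
    """Return rejection reasons for a decoded order; an empty list means accept."""
    errors = []
    vehicle = order.get("vehicle")
    if not isinstance(vehicle, str) or vehicle not in account.owned_vehicles:
        errors.append("vehicle not owned by account")
    elif vehicle not in MODDABLE_VEHICLES:
        errors.append("vehicle is not moddable")

    items = order.get("items", [])
    if not isinstance(items, list):
        return errors + ["items must be a list"]
    for item in items:
        entry = CATALOGUE.get(item) if isinstance(item, str) else None
        if entry is None:
            errors.append(f"unknown item: {item!r}")
        elif not entry[1]:
            errors.append(f"item not for sale: {item}")
        elif account.rank < entry[0]:
            errors.append(f"rank {entry[0]} required for {item}")
    plate = order.get("plate")
    if plate is not None:
        text = plate.upper().replace(" ", "") if isinstance(plate, str) else ""
        if not (1 <= len(text) <= PLATE_MAX_LEN and text.isascii() and text.isalnum()):
            errors.append("plate format invalid")
        elif any(bad in text for bad in PLATE_BLOCKLIST):
            errors.append("plate text rejected")
    return errors
```

Because the rank, ownership and catalogue lookups use the server's own records, the result is the same whether the request came from the unmodified app or was altered in transit.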