Skip to content

Latest commit

 

History

History
72 lines (57 loc) · 2.77 KB

README.md

File metadata and controls

72 lines (57 loc) · 2.77 KB

TEA (TLS Exception Analyzer)

Repo on GitHub Repo on GitLab license Python Version

Analyze iOS apps regarding App Transport Security (ATS) exception and extract urls and domains.

TEA Dashboard

Usage

Prepare a folder containing .ipa files for analysis. To extract multiple apps at once you can use ipdumper.

Parameters

Full example: python -m flask analyze -w /home/testdir -v INFO -c true

Required

  • --work-dir (-w)
    • Specify your working directory.

Optional

  • --verbosity (-v)
    • Log level, values: [INFO, WARNING, DEBUG]
    • Default: INFO
  • --cleanup (-c)
    • Extract in place: When true, the extracted .ipa directories are deleted in order to save space. Original .ipa files are always untouched.
    • Default: false

Output

Currently, the data is stored in a SQLite database as can be seen in config.py and controlled via .flaskenv

Deployment

To deploy the web-application a Dockerfile is provided.

Docker

To build a Docker image run inside the directory including the Dockerfile the following command.

  $ docker build --tag tea .

To start a new container with the name tea-prod, which uses the previously built image and exposes its HTTP port on port 5009 of the host system, run the following command:

  $ docker run --name tea-prod -d -p 5009:5001 tea

Port 5001 is the internal listening port for incoming HTTP traffic, this port needs to be exposed to the host system on any free port. The above example shows 5009 on the host system, of course any other port can be chosen as well.

Reverse Proxy

Example nginx webserver config for reverse-proxying to the above-mentioned container. HSTS headers included.

server {
        listen <ip-v4> ssl http2;
        listen <ip-v6>:443 ssl http2;

        server_name <hostname>;

        ssl_certificate <tls-cert-path>;
        ssl_certificate_key <tls-private-key-path>;

        location / {
            proxy_hide_header Strict-Transport-Security;
            add_header Strict-Transport-Security "max-age=31536000; preload";

            proxy_pass http://<target-machine>:5009/;
        }    
    }