From 6d76620f87e3243c602b5877d50eac1c1352b784 Mon Sep 17 00:00:00 2001
From: Ryan Govostes
Date: Fri, 27 Jul 2018 20:34:25 +0900
Subject: [PATCH 1/3] Add -wait flag
---
 ssl_logger.py | 19 ++++++++++++++-----
 1 file changed, 14 insertions(+), 5 deletions(-)
diff --git a/ssl_logger.py b/ssl_logger.py
index 070e550..490d798 100644
--- a/ssl_logger.py
+++ b/ssl_logger.py
@@ -236,7 +236,7 @@ ssl_sessions = {}
-def ssl_log(process, pcap=None, verbose=False):
+def ssl_log(process, pcap=None, verbose=False, wait=False):
 """Decrypts and logs a process's SSL traffic.
 Hooks the functions SSL_read() and SSL_write() in a given process and logs
@@ -353,6 +353,13 @@ def on_message(message, data):
 log_pcap(pcap_file, p["ssl_session_id"], p["function"], p["src_addr"], p["src_port"], p["dst_addr"], p["dst_port"], data)
+ while wait:
+ try:
+ frida.get_local_device().get_process(process)
+ break
+ except frida.ProcessNotFoundError:
+ time.sleep(0.1)
+
 session = frida.attach(process)
 if pcap:
@@ -407,13 +414,15 @@ def error(self, message):
 """)
 args = parser.add_argument_group("Arguments")
-args.add_argument("-pcap", metavar="", required=False,
+args.add_argument("-pcap", metavar="",
 help="Name of PCAP file to write")
-args.add_argument("-verbose", required=False, action="store_const",
-const=True, help="Show verbose output")
+args.add_argument("-verbose", action="store_true",
+help="Show verbose output")
+args.add_argument("-wait", action="store_true",
+help="Wait for the process")
 args.add_argument("process", metavar="",
 help="Process whose SSL calls to log")
 parsed = parser.parse_args()
 ssl_log(int(parsed.process) if parsed.process.isdigit() else parsed.process,
-parsed.pcap, parsed.verbose)
+parsed.pcap, parsed.verbose, parsed.wait)
From 5cd771d796134a30b6194a76b1b20eadefa28717 Mon Sep 17 00:00:00 2001
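Review bot: The new `wait` parameter on `ssl_log` is not described anywhere — the docstring that opens on the very next line keeps its old summary, and whatever argument section it has lies below the hunk, so a caller cannot tell what the flag does or that it never gives up. Add an entry alongside the existing parameters, e.g. `wait: If True, poll until a process matching process (name or PID) exists before attaching; there is no timeout.` Because the CLI passes the value positionally (`parsed.pcap, parsed.verbose, parsed.wait` in the last hunk), the parameter cannot be made keyword-only without touching that call, so the positional slot should be documented as part of the interface. The body of `ssl_log` continues outside this hunk.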
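Review bot: The poll calls `frida.get_local_device().get_process(process)`, whose argument is a process name in the frida bindings, but `process` may be an int PID because the CLI converts digit-only arguments with `int(...)` (visible in the last hunk); for a PID the lookup presumably either never matches or raises a `TypeError` that the `except frida.ProcessNotFoundError` clause does not catch, so `-wait` effectively only works for names. Branch on `isinstance(process, int)` and compare `.pid` against `enumerate_processes()` for that case, and hoist the device lookup out of the loop. The loop also has no upper bound, and there remains a window between a successful poll and `frida.attach(process)` in which the target can exit and make attach raise outside the loop — at minimum that deserves a comment. The installed frida version may already accept a `timeout=` on `get_process`, which would replace the name branch; worth checking. `ssl_log` begins and ends outside this hunk.
```python
  # … unchanged: on_message() and pcap setup above …
  if wait:
    device = frida.get_local_device()
    while True:
      if isinstance(process, int):
        # A PID was given: get_process() matches on name, so compare pids directly.
        if any(p.pid == process for p in device.enumerate_processes()):
          break
      else:
        try:
          device.get_process(process)
          break
        except frida.ProcessNotFoundError:
          pass
      time.sleep(0.1)

  session = frida.attach(process)
```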
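Review bot: The help string on the new `args.add_argument("-wait", action="store_true", help="Wait for the process")` lines says only that the tool waits, not that it polls until a process matching the given name or PID appears and never times out, which is exactly what a user needs to know before running it unattended; `help="Poll until the process exists, then attach (no timeout)"` states the behaviour. The switch of `-verbose` to `action="store_true"` in the same hunk is a clean simplification, but the `help` wording for `-pcap` and `process` still does not say that the name is matched as frida sees it, so the three help strings are worth aligning in one pass. The enclosing main block continues outside this hunk.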
From: Ryan Govostes
Date: Fri, 27 Jul 2018 20:44:57 +0900
Subject: [PATCH 2/3] Add a -ssl flag for the case where multiple libraries match *libssl*
---
 ssl_logger.py | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/ssl_logger.py b/ssl_logger.py
index 490d798..e048bef 100644
--- a/ssl_logger.py
+++ b/ssl_logger.py
@@ -420,9 +420,14 @@ def error(self, message):
 help="Show verbose output")
 args.add_argument("-wait", action="store_true",
 help="Wait for the process")
+ args.add_argument("-ssl", metavar="",
+ help="SSL library to hook (default: *libssl*)")
 args.add_argument("process", metavar="",
 help="Process whose SSL calls to log")
 parsed = parser.parse_args()
+ if parsed.ssl is not None:
+ _FRIDA_SCRIPT = _FRIDA_SCRIPT.replace('*libssl*', parsed.ssl)
+
 ssl_log(int(parsed.process) if parsed.process.isdigit() else parsed.process,
 parsed.pcap, parsed.verbose, parsed.wait)
From d8af428623dabf228814475c0a168d7c9c8502d1 Mon Sep 17 00:00:00 2001
From: Ryan Govostes
Date: Fri, 27 Jul 2018 20:45:33 +0900
Subject: [PATCH 3/3] Add a requirements file
---
 requirements.txt | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 requirements.txt
diff --git a/requirements.txt b/requirements.txt
new file mode 100644
index 0000000..9ac4fdf
--- /dev/null
+++ b/requirements.txt
@@ -0,0 +1 @@
+frida>=12.0.7
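Review bot: `_FRIDA_SCRIPT = _FRIDA_SCRIPT.replace('*libssl*', parsed.ssl)` splices the raw `-ssl` argument into JavaScript source, so a value containing a `"` or `\` (easy to produce with shell quoting) breaks the injected script at load time with an opaque JavaScript syntax error instead of an argument error. Assuming the `*libssl*` occurrences in `_FRIDA_SCRIPT` sit inside double-quoted string literals, substitute a JSON-encoded value including its quotes: `_FRIDA_SCRIPT = _FRIDA_SCRIPT.replace('"*libssl*"', json.dumps(parsed.ssl))` (with `json` imported at the top of the file if it is not already). Rebinding the module global also only works because this code runs at module level under the script entry point; passing the pattern into `ssl_log` as a parameter, as the previous commit did for `wait`, would avoid the hidden global state and keep the function usable from Python with a custom library. The help text could additionally say the value is a module-name pattern, since the default `*libssl*` is written as a wildcard.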
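Review bot: `frida>=12.0.7` sets only a lower bound, so a fresh `pip install -r requirements.txt` pulls whatever major release of frida is current; the Python bindings' API has changed between major versions before, which would break the `frida.attach`/`get_process` calls in this script without any change here, and for a tool that injects code into other processes an unpinned dependency is also the weakest link in its supply chain. Pin it — `frida==12.0.7`, or `frida~=12.0` to allow patch releases — and consider a hash-pinned lock generated with `pip-compile --generate-hashes`.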