Decoded dtx sniffing with additional debug info over utun

ios/debugproxy/utun/decoding.go

@@ -7,6 +7,7 @@ import (
 	"encoding/binary"
 	"encoding/json"
 	"errors"
+	"fmt"
 	"io"
 
 	dtx "github.com/danielpaulus/go-ios/ios/dtx_codec"
@@ -116,22 +117,27 @@ func decodeRemoteXpc(w io.Writer, r io.Reader) error {
 			log.Info("file transfer started, skipping remaining data ")
 			return nil
 		}
+
+		fmt.Fprintf(w, "\n")
 	}
 }
 
 func decodeRemoteDtx(w io.Writer, r io.Reader) error {
 	for {
-		m, err := dtx.ReadMessage(r)
+		m, err := dtx.ReadMessageNonBlocking(r)
 		if err != nil {
 			if errors.Is(err, io.EOF) {
 				return nil
 			}
 			return err
 		}
 
-		buf := bytes.NewBufferString(m.StringDebug() + "\n")
+		buf := bytes.NewBufferString(m.StringDebug())
 		if _, err := io.Copy(w, buf); err != nil {
 			return err
 		}
+
+		fmt.Fprintf(w, "\nRaw Bytes:%x", m.RawBytes)
+		fmt.Fprintf(w, "\n\n")
 	}
 }

ios/dtx_codec/decoder.go

@@ -3,6 +3,7 @@ package dtx
 import (
 	"bytes"
 	"encoding/binary"
+	"encoding/json"
 	"fmt"
 	"io"
 
@@ -92,6 +93,36 @@ func ReadMessage(reader io.Reader) (Message, error) {
 	return result, nil
 }
 
+// ReadMessage uses the reader to fully read a Message from it in non-blocking mode. Used for sniffing the utun interface.
+func ReadMessageNonBlocking(reader io.Reader) (Message, error) {
+	header := make([]byte, 32)
+	_, err := io.ReadFull(reader, header)
+	if err != nil {
+		return Message{}, err
+	}
+	if binary.BigEndian.Uint32(header) != DtxMessageMagic {
+		return Message{}, NewOutOfSync(fmt.Sprintf("Wrong Magic: %x", header[0:4]))
+	}
+	result := readHeader(header)
+
+	messageLength := result.MessageLength
+
+	remainingBytes := make([]byte, messageLength)
+	_, err = io.ReadFull(reader, remainingBytes)
+	if err != nil {
+		d, _ := json.Marshal(result)
+		log.Printf("%s", string(d))
+
+		return Message{}, err
+	}
+
+	m, _, err := DecodeNonBlocking(append(header, remainingBytes[:]...))
+	if err != nil {
+		return Message{}, err
+	}
+	return m, nil
+}
+
 // DecodeNonBlocking should only be used for the debug proxy to on the fly decode DtxMessages.
 // It is used because if the Decoder encounters an error, we can still keep reading and forwarding the raw bytes.
 // This ensures that the debug proxy keeps working and the byte dump can be used to fix the DtxDecoder

main.go

@@ -101,7 +101,7 @@ Usage:
   ios ps [--apps] [options]
   ios ip [options]
   ios forward [options] <hostPort> <targetPort>
-  ios dproxy [--binary]
+  ios dproxy [--binary]  [--mode=<all(default)|usbmuxd|utun> --iface=<iface> --address=<ipv6addrr> --rsd-port=<port>]
   ios readpair [options]
   ios pcap [options] [--pid=<processID>] [--process=<processName>]
   ios install --path=<ipaOrAppFolder> [options]
@@ -199,7 +199,7 @@ The commands work as following:
    >                                                                  If you wanna speed it up, open apple maps or similar to force network traffic.
    >                                                                  f.ex. "ios launch com.apple.Maps"
    ios forward [options] <hostPort> <targetPort>                      Similar to iproxy, forward a TCP connection to the device.
-   ios dproxy [--binary] [--mode=<all(default)|usbmuxd|utun> --iface=<iface>] [--address=<ipv6addrr>] [--rsd-port=<port>] Starts the reverse engineering proxy server.
+   ios dproxy [--binary] [--mode=<all(default)|usbmuxd|utun> --iface=<iface> --address=<ipv6addrr> --rsd-port=<port>] Starts the reverse engineering proxy server.
    >                                                                  It dumps every communication in plain text so it can be implemented easily.
    >                                                                  Use "sudo launchctl unload -w /Library/Apple/System/Library/LaunchDaemons/com.apple.usbmuxd.plist"
    >                                                                  to stop usbmuxd and load to start it again should the proxy mess up things.