Simple framework to demo how we can intercept URLRequest in iOS Apps. This framework allows you to inspect the details of all outgoing requests from the app. This includes requests sent out by 3rd party framework like FacebookSDK, Google Analytics, etc. It is possible to use this framework to inspect and intercept App Store apps even on non-jailbroken devices.
NetworkInterceptor is available through CocoaPods. To install it, simply add the following line to your Podfile:
pod 'NetworkInterceptor'
- NetworkInterceptor.swift Main class that manages the URLRequest interception process.
- NetworkRequestSniffableUrlProtocol.swift UrlProtocol class that allows us to observe (and sniff) outgoing requests. that manages the URLRequest interception process.
- NetworkRedirectUrlProtocol.swift UrlProtocol class that allows us to redirect requets to a different URL.
- RequestEvaluator Protocol for classes to evaluate whether operation on URLRequest is allowed
- SniffableRequestHandler Protocol for classes to handle sniffing/spying on URLRequest
- RedirectableRequestHandler Protocol for classes to handle the creation of Redirect URLRequests.
- NetworkInterceptorConfig Struct that defines the config object used to setup the Interception process
Example 1: Log all http/https requests using NSLog
let requestSniffers: [RequestSniffer] = [
RequestSniffer(requestEvaluator: AnyHttpRequestEvaluator(), handlers: [
SniffableRequestHandlerRegistrable.console(logginMode: .nslog).requestHandler()
])
]
let networkConfig = NetworkInterceptorConfig(requestSniffers: requestSniffers)
NetworkInterceptor.shared.setup(config: networkConfig)
NetworkInterceptor.shared.startRecording()
Example 2: For all requests that points to "www.antennahouse.com", redirect all matching requests to a custom URL
let requestRedirectors: [RequestRedirector] = [
RequestRedirector(requestEvaluator: DomainHttpRequestEvaluator(domain: "www.antennahouse.com"),
redirectableRequestHandler: AlternateUrlRequestRedirector(url: URL(string: "https://www.rhodeshouse.ox.ac.uk/media/1002/sample-pdf-file.pdf")!))
]
let networkConfig = NetworkInterceptorConfig(requestRedirectors: requestRedirectors)
NetworkInterceptor.shared.setup(config: networkConfig)
NetworkInterceptor.shared.startRecording()
AnyHttpRequestInterceptor.swift Intercepts all http and https requests
DomainHttpRequestEvaluator.swift Intercepts all http and https requests that matches a given doman URL
ConsoleLoggerSniffableRequestHandler.swift Prints request in cURL format to the console
SlackSniffableRequestHandler.swift Sends the request in cURL format to a designated Slack channel. You are required to provide your own Slack Authentication Token and slack channel ID for this to work.
SlackHookSniffableRequestHandler.swift Sends the request in cURL format to a designated Slack using Webhooks. You are required to provide the Webhook url
AlternateDomainSniffableRequestHandler.swift Sends the copy of the request to an alternate domain
AlternateDomainRequestRedirector.swift Redirects request to a different domain.
AlternateUrlRequestRedirector.swift Requests request to a complete different URL
- Create a new Dynamic Framework Project and use NetworkInterceptor pod. We will only use this framework to start NetworkInterceptor recording.
- Use Objective C to load code into memory. Refer to the example project in this repository.
static void __attribute__((constructor)) initialize(void)
- Build the library using iphoneos architecture.
- Get an .ipa file that does not have Digital Rights Management protection. You can download cracked .ipa from https://www.iphonecake.com
- Inject both the NetworkInterceptor pod framework and your new Dynamic Framework into the .ipa using optool. You can also use the scripts from in this repository https://github.com/depoon/iOSDylibInjectionDemo. Make sure you included any necessary dependent framework or libraries.
- Use Cydia Impactor to sideload the modified app.