Instructions are for Linux, not tested on Windows. If you do not have access to a physical rooted Android device, you can install Bliss OS in a virtual machine, I use QEMU/KVM and it works flawlessly.
-
Install python3-virtualenv, socat, and wireshark with your distro's package manager, e.g.
dnf install python3-virtualenv socat wireshark -
Clone repo and cd into its directory.
-
Create new virtualenv with
python -m venv .venv -
Enter the virtualenv with
source .venv/bin/activate -
Install dependencies with
pip install -r requirements.txt -
Connect ADB to device either remotely or via USB.
-
Launch frida-server on rooted android device with Blink app installed
-
Run
./start.sh <host ip> <android device ip>e.g../start.sh 192.168.0.192 192.168.124.223Note: On first run openssl will prompt you to fill out details for a self-signed certificate, you may leave all defaults. You may also need to run this script as root, as it listens on port 443 (libwalnut seems to not like if you try to connect to an immis stream on a different port)
-
Launch wireshark, listen on loopback (lo) interface, filter on
tcp.port == 8088.