Add support for skipping known-problematic ports in Frida native capture

This only affects Frida's native connect hook, which forcibly captures
traffic that ignores the proxy server. In most cases that's fine and
important (e.g. for Flutter apps) but in certain scenarios where the
traffic is completely non-HTTP it can cause problems. We could make this
configurable later, but for now we just track a few high profile cases.

Author: pimterry

src/interceptors/frida/frida-android-integration.ts

@@ -195,6 +195,12 @@ export async function getAndroidFridaTargets(adbClient: AdbClient, hostId: strin
     return apps;
 }
 
+// Various ports which we know that certain apps use for non-HTTP traffic that we
+// can't currently intercept, so we avoid capturing for now.
+const KNOWN_APP_PROBLEMATIC_PORTS: Record<string, number[] | undefined> = {
+    'com.spotify.music': [4070]
+};
+
 export async function interceptAndroidFridaTarget(
     adbClient: AdbClient,
     hostId: string,
@@ -229,7 +235,8 @@ export async function interceptAndroidFridaTarget(
         const interceptionScript = await buildAndroidFridaScript(
             caCertContent,
             proxyIp,
-            proxyPort
+            proxyPort,
+            KNOWN_APP_PROBLEMATIC_PORTS[appId] ?? []
         );
 
         await launchScript(`Android (${appId})`, session, interceptionScript);

src/interceptors/frida/frida-ios-integration.ts

@@ -115,6 +115,12 @@ export async function getIosFridaTargets(usbmuxClient: UsbmuxClient, hostId: str
     return apps;
 }
 
+// Various ports which we know that certain apps use for non-HTTP traffic that we
+// can't currently intercept, so we avoid capturing for now.
+const KNOWN_APP_PROBLEMATIC_PORTS: Record<string, number[] | undefined> = {
+    'com.spotify.client': [4070]
+};
+
 export async function interceptIosFridaTarget(
     usbmuxClient: UsbmuxClient,
     hostId: string,
@@ -138,7 +144,8 @@ export async function interceptIosFridaTarget(
         const interceptionScript = await buildIosFridaScript(
             caCertContent,
             proxyIp,
-            proxyPort
+            proxyPort,
+            KNOWN_APP_PROBLEMATIC_PORTS[appId] ?? []
         );
 
         await launchScript(`iOS (${appId})`, session, interceptionScript);

src/interceptors/frida/frida-scripts.ts

@@ -9,23 +9,26 @@ function buildFridaConfig(
     configScriptTemplate: string,
     caCertContent: string,
     proxyHost: string,
-    proxyPort: number
+    proxyPort: number,
+    portsToIgnore: number[]
 ) {
     return configScriptTemplate
         .replace(/(?<=const CERT_PEM = `)[^`]+(?=`)/s, caCertContent.trim())
         .replace(/(?<=const PROXY_HOST = ')[^']+(?=')/, proxyHost)
-        .replace(/(?<=const PROXY_PORT = )\d+(?=;)/, proxyPort.toString());
+        .replace(/(?<=const PROXY_PORT = )\d+(?=;)/, proxyPort.toString())
+        .replace(/(?<=const IGNORED_NON_HTTP_PORTS = )\[\s*\](?=;)/s, JSON.stringify(portsToIgnore));
 }
 
 export async function buildAndroidFridaScript(
     caCertContent: string,
     proxyHost: string,
-    proxyPort: number
+    proxyPort: number,
+    portsToIgnore: number[]
 ) {
     const scripts = await Promise.all([
         fs.readFile(path.join(FRIDA_SCRIPTS_ROOT, 'config.js'), { encoding: 'utf8' })
             .then((configTemplate) =>
-                buildFridaConfig(configTemplate, caCertContent, proxyHost, proxyPort)
+                buildFridaConfig(configTemplate, caCertContent, proxyHost, proxyPort, portsToIgnore)
             ),
         ...[
             ['native-connect-hook.js'],
@@ -45,12 +48,13 @@ export async function buildAndroidFridaScript(
 export async function buildIosFridaScript(
     caCertContent: string,
     proxyHost: string,
-    proxyPort: number
+    proxyPort: number,
+    portsToIgnore: number[]
 ) {
     const scripts = await Promise.all([
         fs.readFile(path.join(FRIDA_SCRIPTS_ROOT, 'config.js'), { encoding: 'utf8' })
             .then((configTemplate) =>
-                buildFridaConfig(configTemplate, caCertContent, proxyHost, proxyPort)
+                buildFridaConfig(configTemplate, caCertContent, proxyHost, proxyPort, portsToIgnore)
             ),
         ...[
             ['ios', 'ios-connect-hook.js'],