OSSIM Mobile now available ;-)
Sat, 01 Dec 2007

Well, kind of at least...

Since Apple's iPhone is basically a stripped-down Mac OS X and it has some nice toys to play with, I thought I'd give the provided Python port a try and fire up the OSSIM agent. As expected everything worked like a charm and getting OSSIM up & running was very easy. Here is the rest of it.

::start here

Next thing was the logs. By default syslog isn't logging on the device, so you have to enable it manually. A bit of googling did the job and I was quickly able to find out how to do this:

  1. Copy /etc/syslogd.conf from any Mac
  2. Break /System/Library/LaunchDaemons/apple.com.syslogd with random text so it doesn't get loaded
  3. Restart the phone (just killing syslog should work too) and run /usr/sbin/syslogd -bsd_out 1 &

Voila, syslog up & running.

Now the fun part. Looking at what kind of events the iPhone generated, I thought maybe this little toy may deserve a plugin of its own. So after some poking around I came up with a small list of interesting events:

  • Dec 1 17:33:03 localhost /usr/sbin/mediaserverd: In H264 decode frame thread the first time
  • Dec 1 17:36:19 localhost YouTube[189]: clearing out queue
  • Dec 1 17:37:26 localhost crashdump[199]: Creating crash report for process vi[192]
  • Dec 1 17:40:25 localhost MobileSMS[219]: SummerBoardLoader: SummerBoardService available.
  • Dec 1 17:47:32 localhost MobileCal[235]: SummerBoardLoader: SummerBoardService available.
  • Dec 1 17:51:29 localhost SpringBoard[15]: Memory level is urgent (10), but there are no apps to warn!
  • Dec 1 17:54:14 localhost MobileMusicPlayer[50]: initializeMainUI, Role = 2 (MediaPlayer)
  • Dec 1 17:55:23 localhost Installer[51]: ATInstaller: Initializing...
  • Dec 1 17:55:29 localhost Installer[51]: ATPackageManager: Refreshing source: http://conceitedsoftware.com/iphone/
  • Dec 1 17:56:30 localhost Installer[51]: ATPackageManager: Perfoming operation "Install" on package "Tapp"...
  • Dec 1 18:25:02 localhost Installer[58]: ATPackageManager: Queued package "Tapp" for operation "Uninstall".
  • Dec 1 17:56:30 localhost Installer[51]: ATUnpacker: Extracting folder: Tapp.app/ >> /Applications/Tapp.app
  • Dec 1 17:56:31 localhost Installer[51]: ATUnpacker: Extracting file: Tapp.app/TableApp >> /Applications/Tapp.app/TableApp
  • Dec 1 18:25:02 localhost Installer[58]: Executing script instruction: RemovePath with arguments ("/Applications/Tapp.app")
  • Dec 1 17:58:47 localhost MobileBluetooth[12]: Session::attach "com.apple.mobilephone1014721381"

So, after a rainy afternoon I had my fully working iPhone plugin.

See it in action on the following screens:

Could have some interesting big brother uses... and the good thing is, if the agent has no connection to the server it will queue up the events and send them the next time it can reach it.

And to finish, a quick proof-of-concept screenshot:

2007-12-01 19:03:29,366 Conn [DEBUG]: event type="detector" date="2007-12-01 17:58:34" sensor="127.0.0.1" 
interface="any" plugin_id="4006" plugin_sid="4" protocol="tcp" src_ip="127.0.0.1" userdata1="MobilePhone" 
userdata2="55" log="Dec  1 17:58:34 localhost MobilePhone[55]: SummerBoardLoader: SummerBoardService 
available."
^C2007-12-01 19:03:31,192 Agent [WARNING]: Kill signal received, exiting..
2007-12-01 19:03:31,200 Conn [INFO]: Closing server connection..
2007-12-01 19:03:31,210 Stats [INFO]: 
-------------------------
 Agent execution summary:
  + Startup date: Sat Dec  1 19:03:10 2007
  + Shutdown date: Sat Dec  1 19:03:31 2007
  + Total events: 66 (Detector: 66, Monitor: 0)
    - plugin_id 4006: 66
  + Apps restarted by watchdog: 0
  + Server reconnection attempts: 0
-------------------------
2007-12-01 19:03:31,224 Stats [INFO]: Agent statistics written in /var/log/ossim/agent_stats.log
zsh: killed     ./ossim-agent -v
# uname -a
Darwin iPhone 9.0.0d1 Darwin Kernel Version 9.0.0d1: Wed Sep 19 00:08:43 PDT 2007; 
root:xnu-933.0.0.203.obj~21/RELEASE_ARM_S5L8900XRB iPhone1,1 Darwin
# 
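
The plugin itself isn't reproduced in this post, so here is an added sketch (not the author's plugin code) of the normalization such a plugin performs: it parses the syslog lines listed above and emits the fields seen in the agent's debug output (plugin_id 4006, userdata1 = process, userdata2 = PID). The rule set, the SID numbering other than 4, the use of userdata3/userdata4 and the `normalize` helper are assumptions made for illustration.

```python
import re
from datetime import datetime

PLUGIN_ID = 4006  # plugin_id shown in the agent output on this page
# "Dec 1 17:55:23 localhost Installer[51]: msg"; the [pid] part is optional.
SYSLOG = re.compile(
    r"^(?P<date>\w{3}\s+\d{1,2} \d\d:\d\d:\d\d) (?P<host>\S+) "
    r"(?P<proc>[^\s\[:]+)(?:\[(?P<pid>\d+)\])?: (?P<msg>.*)$"
)
# (plugin_sid, pattern). SID numbering is an assumption of this sketch; only
# sid 4 for the SummerBoard message is taken from the agent output above.
# "Perfoming" is the spelling the device logs, so the rule must match it.
RULES = [
    (1, re.compile(r'ATPackageManager: Perfoming operation "([^"]+)" on package "([^"]+)"')),
    (2, re.compile(r"ATPackageManager: Refreshing source: (\S+)")),
    (3, re.compile(r"Creating crash report for process ([^\[\s]+)\[(\d+)\]")),
    (4, re.compile(r"SummerBoardLoader: SummerBoardService available")),
    (5, re.compile(r'RemovePath with arguments \("([^"]+)"\)')),
]

def normalize(line, year, sensor="127.0.0.1"):
    """Return an agent-style event dict, or None if no rule matches."""
    m = SYSLOG.match(line.strip())
    if not m:
        return None
    for sid, pattern in RULES:
        hit = pattern.search(m["msg"])
        if hit:
            break
    else:
        return None
    # BSD syslog timestamps carry no year, so the caller supplies it.
    when = datetime.strptime(f"{year} {m['date']}", "%Y %b %d %H:%M:%S")
    event = {
        "type": "detector", "date": when.strftime("%Y-%m-%d %H:%M:%S"),
        "sensor": sensor, "plugin_id": PLUGIN_ID, "plugin_sid": sid,
        "userdata1": m["proc"], "userdata2": m["pid"] or "",
        "log": line.strip(),
    }
    # Captured values go to userdata3, userdata4 (field choice is an assumption).
    for i, value in enumerate(hit.groups(), start=3):
        event[f"userdata{i}"] = value
    return event

# Lines copied from the event list in the post.
SAMPLE = [
    'Dec 1 17:37:26 localhost crashdump[199]: Creating crash report for process vi[192]',
    'Dec 1 17:56:30 localhost Installer[51]: ATPackageManager: Perfoming operation "Install" on package "Tapp"...',
    'Dec 1 17:36:19 localhost YouTube[189]: clearing out queue',
]
```

Calling `normalize(line, 2007)` on each entry of `SAMPLE` yields a crash event, a package-install event and `None` for the YouTube line, which no rule covers.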

posted at: 18:43 | path: /ossim/plugins | permanent link to this entry | 3 comments |



* Posted by Ken Bergquist at Tue Dec 18 23:27:37 2007
DK - is this complete? Or is something missing here:

very easy. Here is the rest of it.
::start here

?
* Posted by Dominique Karg at Wed Dec 19 08:07:13 2007
Yes it is, maybe a browser issue?

http://www.ossim.com/blog/dk/ossim/plugins/iphone_plugin.html

That's the full html page, if you click on "read more" on the index you should reach it.
* Posted by Maurice Diekhorst at Tue Nov 11 08:22:08 2008
::start here

This part is empty in every browser I use.
So I assume it's not any browser issue.
How can I get the full info on how to get OSSIM onto my iPhone?

Could you as well email me the full tutorial, DK?
