FAQ¶

This section summarizes some common issues and their solutions or workarounds. You should always use the latest version to verify and address issues, rather than trying to fix them on an older version.

• Problem: Continuously receiving 'Service Unavailable' when using the Python interface or capturing packets

  Please ensure you have completed the relevant settings in the Installation Preparation chapter. Then, try restarting the device several times (~3 times). If the issue persists and you have other modules installed on your device, please disable all other modules, restart, and try again.

• Problem: After starting the service, the app fails to open, crashes, or detects an anomaly.

  This may be because some apps use app-zygote to detect Frida. You can circumvent this issue by configuring enhanced-stealth-mode=true in properties.local. The side effect is that you will not be able to use Frida's spawn-related features.

• Problem: Questions about packet capturing features.

  There's no need to ask if packets can be captured or if certain features are missing. FIRERPA handles everything for you, unlike the half-baked tools on the market, including some packet capturing software. If your current packet capturing software can't capture it, FIRERPA definitely can. If FIRERPA can't capture it, then no other software with the same logic can either. You don't need to worry about untrusted certificates. FIRERPA will install a system-level root certificate for the application during packet capturing; you don't need to do any of this yourself. For QUIC downgrade, startmitm automatically disables the UDP protocol. Therefore, under normal circumstances, if an app cannot use UDP, it will automatically downgrade and not use QUIC. All of this is handled for you automatically.

• Problem: The packet capturing script is running, but no data packets are being captured.

  There are a few possible reasons: one is that the app itself has certificate validation or pinning mechanisms, and another is that the pre- and post-processing steps were not performed correctly. How to determine if the app has a certificate validation mechanism: Enable global packet capturing and open other apps like a web browser to see if their traffic is captured normally. You should test several internet-connected apps to confirm. If some apps can be captured and others cannot, it's highly likely that the uncapturable apps are using a proprietary protocol or a certificate validation mechanism. This is often reflected in the startmitm log output with messages like Client TLS handshake failed, but this is not the main point. If you confirm that the app uses certificate validation, you will need to use other methods, such as reverse engineering, to dynamically bypass the validation mechanism before you can proceed with packet capturing. Regarding incorrect pre- and post-processing: In some cases, users may not have disabled the system firewall, preventing the phone from accessing the proxy port, which results in no activity. Another possibility is that the app had already established the necessary network connections before you started capturing. In this case, your traffic is sent through these pre-existing connections instead of the capture proxy. You need to manually force-stop the app after starting startmitm and then reopen it.

• Problem: After using one-click packet capturing, the phone seems to have lost its internet connection.

  Please check if your firewall is disabled.

• Problem: The packet capturing script shows 'Client TLS handshake failed, does not trust the proxy's certificate'

  If you can capture data packets from the target application normally, you can ignore this output. It might be a log generated by the certificate validation mechanism of other system apps or a third-party SDK within the app.

• Problem: After starting the service, some detection software reports abnormal features.

  First, please configure enhanced-stealth-mode=true in properties.local, restart, and try the detection again. If an anomaly is still detected, please confirm that the issue only occurs after starting FIRERPA. If you have confirmed this, please contact us.

• Problem: I installed the auto-start APK, but the service did not start correctly and is inaccessible.

  The auto-start APK is subject to the settings of different systems and may not start automatically with the system as expected. If it is inaccessible after booting, please start it manually by clicking Manual Start in the app. Then wait a minute and try to access it again. If it still fails to start, please try the manual installation or module installation methods.