@echo off
REM Native credential capture - no mitmproxy needed!
REM Just Frida hooking everything

echo.
echo ====================================================
echo  NATIVE TRAFFIC CAPTURE
echo ====================================================
echo.
echo This will capture ALL HTTP/HTTPS calls, headers,
echo and credentials WITHOUT needing mitmproxy
echo.
echo Launching app now...
echo.

cd /d "%~dp0"

REM Kill any running instances
adb shell am force-stop com.canadapost.android 2>nul
timeout /t 1 >nul

echo [*] Starting app with native traffic capture...
echo [*] Watch below for API calls and credentials
echo.
echo When you see the login screen:
echo   1. Log in with credentials
echo   2. Go to Track Package
echo   3. Enter any package number
echo   4. WATCH FOR:
echo      - [HDR] Authorization: Bearer eyJ... (USER TOKEN - THE JUICE!)
echo      - [STATUS] 200/400 codes
echo      - [STORAGE] token values
echo.
echo ====================================================
echo.

REM Launch with native capture + bypass
frida -U -f com.canadapost.android -l frida_simple_bypass.js -l native_traffic_capture.js

echo.
echo [*] App session ended
echo [*] All captured traffic was shown above
echo [*] Copy any Bearer tokens you see for API testing
echo.
pause