A brief discussion on using tcpdump, Wireshark to capture and analyze Android apps

Source: Internet
Author: User

This article focuses on how to use Tcpdump and Wireshark to capture and analyze Android apps, and it's important to note that your Android device must be rooted before you grab the package, and your PC must have an Android SDK environment.

Download and install Tcpdump

Tcpdump Link: http://www.ijiami.cn/

Select a version to download and unzip to extract the UH. tcpdump file and push it to your phone:

ADB push C:\tcpdump/data/local/tcpdump

Further operations:

ADB shell

Su

chmod +x/data/local/tcpdump

Then you can start grabbing the bag:

/data/local/tcpdump-p-vv-s 0-w/sdcard/capture.pcap

At this point you can operate the appropriate operation of the application, after grasping the bag Ctrl + C stop grasping the packet.

Then will catch Pcap file transfer locally began to analyze, here is suppose you pull to the C disk directory.

ADB pull/sdcard/capture.pcap c:/

Using Wireshark to analyze packet capture data

Install Wireshark on PC

Wireshark Download: Http://www.ijiami.cn/treg

If the installation is complete, you can directly hit the Pcap file.

Using Filter Filters

If you catch too much, you can use the filter above, such as I only look at the HTTP protocol, and is issued by my device

Right-click Record to view TCP stream

This feature I prefer, can view this http,client-side request and the server side of the returned data

And what I think is more powerful.

The content and results of the request can be stored, such as the contents of the post can be viewed

This is the content of the specific TCP/IP layers seen in the panel

But after this code, and the things that are emitted by the byte stream are annoying, using the storage possibilities, you can see the exact results:

Select File->export objects->http, and export this record is OK.

The final summary

This is my recent work in the actual use, but in the actual operation of Tcpdump and Wireshark, there are more features, skills can be dug out, this article is to have never used these two tools of the introduction of the people.

A brief discussion on using tcpdump, Wireshark to capture and analyze Android apps

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.