This article focuses on how to use Tcpdump and Wireshark to capture and analyze the network traffic of Android apps. Note that your Android device must be rooted before you capture packets, and your PC must have an Android SDK environment.
Download and install Tcpdump
Tcpdump Link: http://www.ijiami.cn/
Select a version to download, unzip it to extract the tcpdump file, and push it to your phone:
adb push C:\tcpdump /data/local/tcpdump
Then set the execute permission from a root shell:
adb shell
su
chmod +x /data/local/tcpdump
Then you can start capturing packets:
/data/local/tcpdump -p -vv -s 0 -w /sdcard/capture.pcap
At this point, perform the relevant operations in the application; when you are done, press Ctrl + C to stop the capture.
Then transfer the captured pcap file to your PC for analysis; here we assume you pull it to the root of the C: drive.
adb pull /sdcard/capture.pcap c:/
Using Wireshark to analyze packet capture data
Install Wireshark on your PC
Wireshark Download: http://www.ijiami.cn/treg
Once the installation is complete, you can open the pcap file directly.
Using filters
If you captured too much, you can use the filter bar at the top; for example, I only look at the HTTP protocol, and only at packets sent by my device.
Right-click a record to view its TCP stream
I like this feature: it shows the HTTP client-side request together with the data returned by the server.
What I find even more powerful is that the content and results of a request can be saved; for example, the contents of a POST can be viewed.
The panel shows the content at each specific TCP/IP layer.
But the content is encoded, and reading it as a raw byte stream is tedious; by using the export feature, you can see the exact results:
Select File -> Export Objects -> HTTP, and export the record.
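The filter step described above (HTTP only, sent by my device) can also be done in a script. This is an added example, not part of the original article: it parses the classic pcap format that tcpdump -w writes and lists the request lines sent by one source IP. The function names http_requests and sample_pcap are hypothetical, the sample capture and its addresses are constructed, and it assumes an Ethernet capture (link type 1) with each request starting at the beginning of a TCP segment.

```python
import struct

METHODS = (b"GET", b"POST", b"PUT", b"DELETE", b"HEAD", b"OPTIONS", b"PATCH")

def http_requests(pcap, device_ip):
    """List (dst_ip, request_line) for plaintext HTTP requests sent by device_ip."""
    order = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if order is None:
        raise ValueError("not a classic (microsecond) pcap file")
    if struct.unpack(order + "I", pcap[20:24])[0] != 1:
        raise ValueError("only Ethernet captures (linktype 1) are handled")
    found, off = [], 24                      # records follow the 24-byte header
    while off + 16 <= len(pcap):
        incl_len = struct.unpack(order + "I", pcap[off + 8:off + 12])[0]
        frame = pcap[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        # keep only IPv4 (EtherType 0x0800) carrying TCP (protocol 6)
        if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
            continue
        ihl = (frame[14] & 0x0F) * 4
        total = struct.unpack("!H", frame[16:18])[0]   # trims Ethernet padding
        src = ".".join(map(str, frame[26:30]))
        dst = ".".join(map(str, frame[30:34]))
        tcp = frame[14 + ihl:14 + total]
        if src != device_ip or len(tcp) < 20:
            continue
        payload = tcp[(tcp[12] >> 4) * 4:]   # skip the TCP header (data offset)
        if payload.split(b" ", 1)[0] in METHODS:
            found.append((dst, payload.split(b"\r\n", 1)[0].decode("latin-1")))
    return found

# --- constructed sample capture (checksums zeroed, addresses are made up) ---
def _frame(src, dst, payload):
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0, 64, 6, 0,
                     bytes(map(int, src.split("."))), bytes(map(int, dst.split("."))))
    tcp = struct.pack("!HHIIBBHHH", 40000, 80, 0, 0, 0x50, 0x18, 65535, 0, 0)
    return b"\x02" * 6 + b"\x06" * 6 + b"\x08\x00" + ip + tcp + payload

def sample_pcap():
    frames = [
        _frame("192.168.1.23", "203.0.113.10", b"POST /login HTTP/1.1\r\nHost: api.example.test\r\n\r\nuser=demo"),
        _frame("203.0.113.10", "192.168.1.23", b"HTTP/1.1 200 OK\r\nContent-Length: 0\r\n\r\n"),
        _frame("192.168.1.50", "203.0.113.10", b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"),
    ]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in frames:
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out
```

To run it on a real capture, pass the bytes of the pulled capture.pcap and your device's IP address. HTTPS traffic is encrypted, so only plaintext HTTP requests show up in the result.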
Final summary
This is what I have been using in my recent work. In practice, Tcpdump and Wireshark have many more features and techniques worth digging into; this article is an introduction for people who have never used these two tools.
A brief discussion on using tcpdump and Wireshark to capture and analyze Android apps