Android End-of-pack method

By:wangyz

In the recent period of time to study the package, the Assembly may have to postpone some time.

Do mobile phone test classmate, must do some mobile phone side of the clutch test, to see if there are errors in the packet, whether encryption or the like, do plug-in also want to grab data packet do analysis.

General grab bag is on the PC to take an AP, with Wireshark grasp, feel that way a little bit of trouble,

Grab the bag environmentSamsung Gt-i8552android 4.1.200 degree Cloud ROM official version V6 (root) PC side (Windows XP) 1. Install the phone driver correctly, the phone side to open the USB debugging 2.Android mobile phone needs to get root permission. 3. Install the Android SDK (adt-bundle-windows-x86-20131030) and configure the environment variables 4. Install the JDK (jdk-7u9-windows-i586), and configure environment variables 5. Need to get tcpdump software, get address (Http://www.strazzere.com/android/tcpdump) Installing TcpdumpConnect your Android phone to your computer's USB, open the Windows Command Prompt window and normally use the ADB command to upload the tool directly to your phone >adb push c:/tcpdump/data/local/tcpdump Of course, if you're using a third-party ROM like mine, the ADB may fail 1 for secure root access. You can first copy the tcpdump to the SD card, this is read and write permission, 2.>adb Shell into Android Shell3. Get root through the SU command, 4. Copy the SD card's tcpdump to/data/local/via the CP command >CD/DATA/LOCAL/>CHMOD 777 Tcpdump>tcpdump-hThis means the installation is successful. start grabbing the bag1. Go to root >adb shell$ su after running su instruction, the phone terminal desktop may appear the corresponding prompt to confirm your recognition of root operation, different phones may have different prompts when the prompt becomes #, Root privilege Success 2. Run Tcpdump, and enter the following command to start the capture package. >cd/data/local>tcpdump-p-vv-s 0-w/mnt/sdcard/capture.pcap-p promiscuous mode-VV verbose output set-s 0 crawl packet with default fetch length of 68 bytes-W Save crawled data Packet got after the number of time means to start grasping the packet, you can execute CTRL + C interrupt capture process 3. Copy the capture results to the local >adb Pull/mnt/sdcard/capture.pcap c:/or directly into the SD card and drag 8. Use tools such as Wireshark to view the capture package file Capture.pcap Data Packet AnalysisGame: Frozen (360 games) (Elimination Class) Host: Frozenandroid.microfunplus.com See this host is obviously frozen is the frozen English name, this host is the request address of the packet ip:203.81.20.77 Host:frozenandroid.microfunplus.com .Connection:keep-alive. Accept-encoding:gzip. content-length:374....deviceid=a6cf255e89f1e39d&openid=mfpunityeditorvendorid&channelname=360 &data=4ee37e578d960d6d99be9e6dea8 ........ encrypted data, do not know the encryption method, can not be cracked, visual should be des or MD5 &cmd=login&auth=1206852048&userid=3232130   How to use1. Send the same package for a tentative attack, look at the server's return data, the success rate is 2 lower. Delay the server after blocking the packet, which is 3 more useful for games that do not have time-stamped packets. The hook function intercepts the packet 4 before encryption. Brute Force encryption dataCopy to Google TranslateTranslation Results