[Android test] the entire process of parsing captured packets in Android

Author: Bi Xiaopeng

Blog: http://www.wirelessqa.com

 

Reason

In Android development, socket programming makes it impossible to see from the log what is the packet sent and returned by the socket that communicates with it. Here is a tool, the tcpdump tool and Wireshark tool view the captured content.

Packet Capture procedure

1. Download tcpdump

: Http://www.strazzere.com/android/tcpdump

2. for Android phones, you must first obtain the root permission.

Find the tool and go to root.

3. Put the tcpdump tool into the Android system

ADB push tcpdump/data/local/tcpdump

If you are prompted that you do not have the permission, the simplest method is to use the following method:

ADB push tcpdump/data/local/tmp/tcpdump

Abnormal Situation: Root ADB shell after the default is not the root user, how to put the file into the phone system, please refer to: http://www.wirelessqa.com /? P = 233

4. Modify tcpdump Permissions

ADB shell chmod 6755/data/local/tcpdump

5. Remove existing packet capture files

We need to put capture. pcap under/sdcard/. please remove the existing

ADB shell Rm-r/sdcard/capture. pcap

6. Enter the root permission

Bixiaopeng @ bixiaopengtekimacbook-pro ~ $ ADB Shell

Shell @ Android:/$ su

Shell @ Android :/#

7. Run tcpdump

Perform packet capture analysis on the mobile phone

#/Data/local/tcpdump-p-VV-S 0-W/sdcard/capture. pcap

 

The value following got is increasing, indicating that the data packet is being captured.

8. packet capture interrupted

After the command is executed, run Ctrl + C in the Command Prompt window to interrupt the packet capture process.

9. Copy the packet capture result to the local device.

ADB pull/sdcard/capture. pcap capture. pcap

(The previous directory is the mobile phone address, and the subsequent directory is the local address)

10. Use Wireshark and other tools to view the captured file capture. pcap

Use Wireshark to view captured data packet files,

After Wireshark is installed on Mac, install X11 again if you want to use it.

 

 

 

When you open Wireshark, the system will prompt you to install it. Just install it as prompted. After the installation is complete, restart the computer.

 

Double-click capture. pcap to open Wireshark.

 

 

 

Adjust the time display format:

Select view-time display format in the menu bar and select the desired time format.

 

 

 

Then you can import the file to view it.

 

 

Author: Bi Xiaopeng Source: http://www.wirelessqa.com welcome to reprint or share, but please be sure to declare the source of the article. If the article is helpful to you, I hope you can recommend it or follow it.

 

Link to this article: [Android test] full process of parsing captured Android packets

Reprinted statement: If there are no special instructions on this site, they are all original. Reprinted with the source: wirelessqa-record the growth history. Thank you! ^