During Android development, some fields used in network communication need to be captured and inspected. I previously found that an SSDP device header was not written in the correct format; it was only after capturing the packets and comparing them with the standard packet header that I found this problem, which had troubled me for a long time. In short, it is necessary to capture packets on the Android phone itself.
Preparation: an Android phone, a network environment, tcpdump, and root permissions on the phone. It is recommended to install the RE file manager on the phone and grant it root permissions. The steps are as follows:
First, push tcpdump to the phone with the adb tool. tcpdump download: http://www.strazzere.com/android/tcpdump. This can be done with a single command: adb push c:/tcpdump /data/local/tcpdump. Of course, tcpdump can also be transferred to the phone in other ways.
Then, modify the permissions of tcpdump:
C:\> adb shell
$ su
# chmod 777 /data/local/tcpdump
When you enter the su command, you may need to tap the confirm button on the phone. This gives the adb shell permission to modify the properties of tcpdump. Mode 777 also leaves the binary writable by every user on the device; execute permission is all tcpdump needs, so chmod 755 works as well.
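Start capturing packets:
adb shell
$ su
# /data/local/tcpdump -p -vv -s 0 -w /sdcard/capture.pcap
Here -p disables promiscuous mode, -vv raises verbosity, -s 0 captures each packet in full rather than truncating it, and -w writes the raw packets to the given file.
Press Ctrl+C to end the capture. Note that on Windows, Ctrl+C interrupts the session directly, so use Ctrl+D or another command to end the program (Mac OS is not affected).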
Pull the capture file off the phone: adb pull /sdcard/capture.pcap c:/. If you do not have the RE file manager installed, you may not be able to see the capture.pcap file on the phone, but it does exist; it is hidden because of insufficient permissions (files created by root on Android cannot be viewed by programs with normal permissions).
Then you can use Wireshark to analyze the captured packets. You may get an error when opening the file: if the capture was ended by an interrupt, the end of the pcap file is not written. This error can be ignored.
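To see how much of an interrupted capture is usable, the following added example (not part of the original post) walks the records of a classic pcap file, reports whether the last record was cut off, and trims the partial record. It assumes tcpdump -w produced the classic pcap format (not pcapng); the function names and the sample bytes are constructed for illustration.

```python
import struct
import sys

# Classic pcap magic numbers mapped to the struct byte-order prefix.
PCAP_MAGICS = {
    b"\xd4\xc3\xb2\xa1": "<", b"\x4d\x3c\xb2\xa1": "<",  # little-endian (us / ns timestamps)
    b"\xa1\xb2\xc3\xd4": ">", b"\xa1\xb2\x3c\x4d": ">",  # big-endian (us / ns timestamps)
}
GLOBAL_HDR_LEN, RECORD_HDR_LEN = 24, 16


def scan_pcap(data):
    """Return (complete_packets, valid_length, truncated) for classic pcap bytes."""
    if len(data) < GLOBAL_HDR_LEN or data[:4] not in PCAP_MAGICS:
        raise ValueError("not a classic pcap file")
    order = PCAP_MAGICS[data[:4]]
    offset, packets = GLOBAL_HDR_LEN, 0
    while offset < len(data):
        if offset + RECORD_HDR_LEN > len(data):
            return packets, offset, True          # cut inside a record header
        _sec, _frac, incl_len, _orig = struct.unpack_from(order + "IIII", data, offset)
        end = offset + RECORD_HDR_LEN + incl_len
        if end > len(data):
            return packets, offset, True          # cut inside packet data
        offset, packets = end, packets + 1
    return packets, offset, False


def trim_pcap(data):
    """Drop the partial trailing record so only complete packets remain."""
    _packets, valid_length, _truncated = scan_pcap(data)
    return data[:valid_length]


def _record(payload):
    # Constructed record: zero timestamp, captured length == original length.
    return struct.pack("<IIII", 0, 0, len(payload), len(payload)) + payload


# Constructed sample: Ethernet link type, two packets, then the same file cut 10 bytes short.
SAMPLE_HEADER = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
SAMPLE_OK = SAMPLE_HEADER + _record(b"\x00" * 60) + _record(b"\x11" * 42)
SAMPLE_CUT = SAMPLE_OK[:-10]

if __name__ == "__main__":
    raw = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE_CUT
    packets, valid_length, truncated = scan_pcap(raw)
    print(f"{packets} complete packets, {valid_length} valid bytes, truncated={truncated}")
```

Run it with the pulled capture.pcap as the first argument; with no argument it reports on the constructed truncated sample.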
This is the result of my own hard work; if you reproduce it, please credit the source. Thank you!