There are currently several ways to analyze the communication of applications on mobile devices. HTTP-layer packets can be captured and modified with web proxy tools. Lower-layer packets need to be analyzed in real time and visually (tcpdump can be installed on the device to capture packets, but that is not real-time). Besides connecting the mobile device to a shared network provided by the PC and capturing packets there ("mobile app communication analysis method Tips"), there is another method that is new to me but has actually existed for a long time: I was too unfamiliar with wireshark and mistakenly thought that it could only capture packets through network interfaces (that is, network adapters).
The core principle of the method described below is to open a communication pipe between the PC and the mobile device, and then have wireshark on the PC capture packets from that pipe (PIPE).

I. Test Equipment

PC (Windows system)
itouch 4g (the method applies to both iOS and Android systems, but it requires jailbreak or root)

II. Tools

(1) wireshark, ADVsock2pipe
(2) itouch (the following can be downloaded from cydia): nc, tcpdump
(3) Network environment: the PC and the itouch are on the same LAN
    PC IP address: 10.0.0.23
    itouch IP address: 10.0.0.24

III. Packet capture steps

Step 1: Run ADVsock2pipe on the PC and enter the following command:
ADVsock2pipe.exe -pipe=wireshark -port 2134
Step 2: Run wireshark on the PC and configure the capture under Capture - Options.
Step 3: On the mobile device (itouch), open a terminal and enter the following command. Because typing on the mobile device is too inconvenient, I log on to the mobile device via SSH from the PC to run it.
Danimato-iPod:~ root# tcpdump -nn -w - -U -s 0 "not port 2134" | nc 10.0.0.23 2134
tcpdump: listening on en0, link-type EN10MB (Ethernet), capture size 65535 bytes
Step 4: Run the application to be captured and analyzed on the mobile device. You can then use wireshark on the PC to watch the packets being sent in real time.

Next, I plan to study how to capture the communication packets of the mobile device and perform FUZZ testing on them. If you have a good method for analyzing mobile app communication packets, contact me to discuss it. Gmail: danqingdani@gmail.com

Reference: http://wiki.wireshark.org/CaptureSetup/Pipes
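
Added example (not part of the original post or of any tool named in it): the bytes that tcpdump -w - pushes through nc in step 3 are a libpcap stream, and that is what wireshark reads from the pipe. The Python sketch below parses such a stream and checks the link type and capture size that tcpdump printed above; the function names and the sample bytes are constructed for illustration.

```python
import io
import struct

# libpcap global-header magic -> struct byte-order prefix
PCAP_MAGICS = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}
LINKTYPE_ETHERNET = 1  # shown by tcpdump as "EN10MB (Ethernet)"


def read_exact(stream, n):
    """Read exactly n bytes; None on clean EOF, ValueError on a cut-off record."""
    buf = b""
    while len(buf) < n:
        chunk = stream.read(n - len(buf))
        if not chunk:
            if buf:
                raise ValueError("stream ended inside a record")
            return None
        buf += chunk
    return buf


def parse_pcap_stream(stream):
    """Return (linktype, snaplen, packets); packets are (ts_sec, orig_len, data)."""
    header = read_exact(stream, 24)
    if header is None or header[:4] not in PCAP_MAGICS:
        raise ValueError("not a libpcap stream")
    order = PCAP_MAGICS[header[:4]]
    _maj, _min, _zone, _sig, snaplen, linktype = struct.unpack(order + "HHiIII", header[4:])
    packets = []
    while (rec := read_exact(stream, 16)) is not None:
        ts_sec, _ts_usec, incl_len, orig_len = struct.unpack(order + "IIII", rec)
        if incl_len > snaplen:
            raise ValueError("record longer than snaplen; stream is out of sync")
        data = read_exact(stream, incl_len)
        if data is None:
            raise ValueError("stream ended inside a record")
        packets.append((ts_sec, orig_len, data))
    return linktype, snaplen, packets


def build_sample():
    """Constructed input: header matching the tcpdump banner plus one 60-byte frame."""
    hdr = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, LINKTYPE_ETHERNET)
    frame = bytes(60)  # zero-filled placeholder frame, not real traffic
    return hdr + struct.pack("<IIII", 1, 0, len(frame), len(frame)) + frame


if __name__ == "__main__":
    linktype, snaplen, packets = parse_pcap_stream(io.BytesIO(build_sample()))
    print(linktype, snaplen, len(packets))
```

The same function accepts any file-like object, so a TCP connection wrapped with socket.makefile("rb") can be checked the same way before its bytes are handed to a pipe.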