Capture packets in Android

In Android, packet capture is mainly used to analyze the data addresses of application requests and further sniff out important network resources. The following describes how to capture the network communication package of the Android system.

I. Preparations

Software Name:

• Tcpdump: packet capture tool [Click to download]
• Wireshark: Packet Capture on PC is also a tool for unpacking. [click to download]
• Adb.zip: Android debugging tool [Click to download]

Environment requirements:

• Unpackage the adb.zip file and configure its directory to the PC environment variable. The purpose is only one. In cmd, the ADB command can be identified.
• A root mobile phone. If not, use the android simulator (recommended simulator ).
• If you use a mobile phone, ensure that the data line is always connected to the mobile phone during the operation.

2. Transfer the packet capture tool to the mobile phone

• Check whether your phone has been connected to your computer

  Win + R call up and run, open the CMD window, and run [ADB devices ],

As shown in the figure, the computer is connected to a simulator.

• Transfer packet capture tool to mobile phone

Enter the command: [ADB push c: \ tcpdump/data/local]

C: \ tcpdump is the path of tcpdump on the PC, And/local/data/tcpdump is the path of tcpdump in the mobile phone simulator or real machine.

3. Go to the mobile phone to escalate the packet capture program permission

• Enter "ADB shell" in the CMD window to enter the mobile phone system.
• Enter CD/data/local to enter the directory.
• Then enter chmod 777 tcpdump to grant the program 777 read/write permissions.

 

4. Capture packets

• Next to step 3, enter CD/to roll back to the root directory.
• Input the data captured by [./data/local/tcpdump-p-VV-S 0-W/sdcard/capture. pcap] to the mobile phone/sdcard/capture. pcap file.

  Note that-P is followed by two values, not w,

• Click Ctrl + C to complete the capture.

5. extract data packets from mobile phones

• Run ADB pull/sdcard/capture. pcap C:/capture. pcap to transfer the data files stored in the SD card to the C root directory of the PC,

6. Analyze Data Packets

• Use the wireshark tool to open the capture. pcap file. You can see that the file captures a large amount of data from various protocols.
• In the filter text box, enter HTTP. Request. URI to filter the HTTP data.

 

OK. At this point, all the information about the application's network communication is successfully captured.

From this point of view, if your application has some important resources, how important it is to encrypt the communication address.

Disclaimer: This article is for study and communication purposes only. Do not do anything bright or bad ......

Original link: http://www.67tgb.com /? P = 498