This article is reproduced to the Http://blog.csdn.net/lixing333/article/details/7782539iosiphone Network filter tool
In another blog post, I introduced a software that is lighter and better used than Wireshark: Charles:
http://blog.csdn.net/lixing333/article/details/42776187
Today is nothing to do, want to try to analyze the iOS application network data transmission method. I've wanted to do this before, but I haven't been able to get the Internet data from the iphone. Today tried a bit, did not expect actually more smoothly.
My tools: Mac computer One (PC line), Wireshark grab kit, IPod touch one, cable one.
Step: First configure the computer, so that the iphone can be connected through the computer, so that the iphone on the computer to transfer data, you can capture data. Concrete method: Http://www.cnblogs.com/ydhliphonedev/archive/2011/10/27/2226935.html. As long as the first method of 1, 32 steps can be, do not need to use PAROS, I use the Wireshark. With the PC's own configuration. It is recommended to use Apwifi.
Once configured, open Wireshark and prepare to grab the bag. Here I want to analyze is Sina's "parenting expert quiz" application.
Before you start, it's a good idea to turn off all potentially networked applications to avoid flooding your data. Select Capture-interfaces in the Wireshark, then select the most active in the NIC list, usually En0, then select Start.
Then there will be a lot of data in the Wireshark, such as,
At this point I clicked on some of the buttons in the parenting experts ' quiz to make it send and receive requests.
As can be seen, the network connection data is very messy, then we have to filter out the unwanted packets, leaving only useful.
By common sense, we know that the general network requests and packets received are in HTTP format, so enter HTTP in the filter and click Apply. Then click on the button in the application of a few clicks, let it make a network request, you can find that the network transmission packet added several requests:
Obviously, these black packets and the packages below them are the application's request and the server's response. We click on one of the requests and look at its request format:
Do you see it? The full request URI is the URL of the request. Double-click it, open in the browser, you can see is a JSON data, haha, preliminary success!
The following work is basically almost the same, find the various data request address, find their laws. I will not go on with the details below. If the HTTP data is still a lot, not enough to filter the desired data, you can add IP address filtering to the filter: HTTP and ip.dst==202.205.3.**, so that the data found is more accurate. As for what the communication IP is, it needs to be carefully discovered.
In addition, the HTTP request obtained here is a GET request, so open it directly. If it is a POST request, you also need to look closely at the format of the data that is being post.
Summarize the basic method: Let the iphone through the laptop network, and then use the Wireshark grab packet, filter the caught packet through the filter, find the request address, analyze the request format. over!
Wireshark Crawl iOS networked data instance analysis