Packet Capture preparation
1. The Android phone must first be rooted. One way to check whether root permission has been obtained: install and open a terminal emulator (available through channels such as the Android Market). In the terminal emulator, enter su and press Enter. If an error is reported, the phone is not rooted. If the command prompt changes from $ to #, the phone is rooted.
2. If the Android phone is not rooted, you can use SuperOneClick or another method to root it (you need to install the Microsoft .NET Framework first). SuperOneClick rooting tutorial: http://soft.shouji.com.cn/news/501.shtml
3. Obtain the Android SDK.
4. Obtain the tcpdump binary from http://www.strazzere.com/android/tcpdump (note: right-click the link and save the file).
Packet Capture procedure
1. Connect the Android phone to the computer over USB and open a Windows Command Prompt window.
2. Copy the tcpdump program to the Android phone. (The first path in this command is the local path, and the second path is the destination on the phone.)
C:\android-sdk-windows\platform-tools> adb push c:/tcpdump /data/local/tcpdump
3. Modify the tcpdump permissions
C:\android-sdk-windows\platform-tools> adb shell
# chmod 777 /data/local/tcpdump
4. Obtain root permission
C:\android-sdk-windows\platform-tools> adb shell
$ su
After you run the su command, a prompt appears on the phone's screen asking you to confirm the root request.
5. Start the packet capture by running tcpdump with the following command:
/data/local/tcpdump -p -vv -s 0 -w /sdcard/capture.pcap
6. On the phone, perform the operations whose traffic you want to capture and analyze. When they are complete, press Ctrl+C in the Command Prompt window to stop the packet capture.
7. Copy the packet capture result to the local computer. (The first path is the path on the phone, and the second path is the local path.)
C:\android-sdk-windows\platform-tools> adb pull /sdcard/capture.pcap c:/
8. Use Wireshark or a similar tool to view the captured file capture.pcap
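
A check that can be run on the pulled capture.pcap before opening it in Wireshark, as an added example that is not part of the original tutorial: it reads the classic pcap header and record lengths and reports the snapshot length, link type, packet count, packets stored shorter than their on-wire length, and a final record cut off when the capture was interrupted. The function names and the sample bytes are constructed for illustration.

```python
import struct
import sys
from pathlib import Path

PCAP_MAGICS = {
    b"\xd4\xc3\xb2\xa1": "<",  # little-endian, microsecond timestamps
    b"\xa1\xb2\xc3\xd4": ">",  # big-endian, microsecond timestamps
    b"\x4d\x3c\xb2\xa1": "<",  # little-endian, nanosecond timestamps
    b"\xa1\xb2\x3c\x4d": ">",  # big-endian, nanosecond timestamps
}

def summarize_pcap(data):
    """Walk a classic pcap byte string; return header fields and record health."""
    if len(data) < 24 or data[:4] not in PCAP_MAGICS:
        raise ValueError("not a classic pcap file (bad magic or short header)")
    endian = PCAP_MAGICS[data[:4]]
    major, minor, _zone, _sigfigs, snaplen, linktype = struct.unpack(
        endian + "HHiIII", data[4:24])
    info = {"version": (major, minor), "snaplen": snaplen, "linktype": linktype,
            "packets": 0, "sliced": 0, "incomplete_tail": False}
    offset = 24
    while offset < len(data):
        record = data[offset:offset + 16]
        if len(record) < 16:
            info["incomplete_tail"] = True  # record header cut off
            break
        _sec, _frac, caplen, origlen = struct.unpack(endian + "IIII", record)
        if offset + 16 + caplen > len(data):
            info["incomplete_tail"] = True  # packet bytes cut off
            break
        info["packets"] += 1
        if caplen < origlen:
            info["sliced"] += 1  # stored shorter than on the wire
        offset += 16 + caplen
    return info

def constructed_sample():
    """Constructed capture: one full packet, one sliced packet, one cut-off record."""
    header = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    full = struct.pack("<IIII", 1, 0, 4, 4) + b"\x00" * 4
    sliced = struct.pack("<IIII", 2, 0, 4, 60) + b"\x00" * 4
    cut_off = struct.pack("<IIII", 3, 0, 10, 10) + b"\x00" * 3
    return header + full + sliced + cut_off

if __name__ == "__main__":
    # Pass the pulled file's path; without one, the constructed sample is used.
    raw = Path(sys.argv[1]).read_bytes() if len(sys.argv) > 1 else constructed_sample()
    print(summarize_pcap(raw))
```

A non-zero "sliced" count means packets were stored shorter than they appeared on the wire, and "incomplete_tail" set to True means the last record was not fully written to the file.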