Mobile data capture Getting Started tutorial

Mobile data capture Getting Started tutorial

Probation Address: http://pan.baidu.com/s/1hqf9N9a

Introduction: This tutorial from a professional perspective on the various ways of mobile phone capture, but also the common UDP, TCP communication mode detailed explanation. Finally, for HTTP protocol class applications, this tutorial explains in detail how to get sensitive information and use it. This tutorial is suitable for penetration testers to read.

Directory

1th Chapter Mobile Phone Capture Package Overview 1

1.1 Common modes of mobile communication 1

1.1.1 UDP Communication Mode 1

1.1.2 TCP Communication Mode 2

1.1.3 Web Class App core protocol--http 3

1.2 Mobile phone Grab bag 4

1.2.1 Physical Android Device 4

1.2.2 Virtual Android Device 4

1.2.3 Android Device Connection tool--ADB 4

1.3 Grab Bag Tool 4

1.3.1 External Grab Kit--wireshark 4

1.3.2 Internal Grab Kit--tcpdump 5

1.4 Analysis Tools Wireshark 6

1.4.1 Get Wireshark installation package 6

1.4.2 Installing Wireshark under Windows 7

1.4.3 installing Wireshark under Linux 10

2nd. Build Android Simulator (AVD) 13

2.1 Installing JDK 13

2.1.1 Download JDK Pack 13

2.1.2 Installing JDK 15

2.2 Android Simulator 17

2.2.1 Download Android SDK 17

2.2.2 Installing Android SDK under Windows 29

Install Android SDK 31 under 2.2.3 Linux

2.2.4 Setting up Android SDK Manager 32

2.2.5 Setting Environment Variables 37

2.2.6 Android Virtual Device Manager--AVD Manager 39

2.2.7 creating a new device 42

2.2.8 Creating an Android emulator 43

2.2.9 running Android Simulator 47

2.2.10 Remove Android Simulator 50

2.3 Physical Device (Entity phone) configuration 51

2.3.1 Mobile phone traffic monitoring 51

2.3.2 completely shut down Daemon 54

3rd deployment of software and tools 58

3.1 Installing ADB 58

3.1.1 Connect your phone to your computer 59

3.1.2 Installing ADB driver 60

3.1.3 Starting and closing ADB services 64

3.1.4 Viewing Android devices 65

3.1.5 into the shell of the simulator or device 67

3.2 Deployment of software 68

3.2.1 Getting the Software 69

3.2.2 Installing the Application 72

3.2.3 Running the Application 77

3.2.4 Uninstalling an application 79

3.2.5 Deleting an installation package 84

3.3 Deployment of the corresponding tools 85

3.3.1 Deploying Android Device Grab Kit--tcpdump 85

3.3.2 Deploying the Android Command set tool--busybox 87

3.3.3 Deploying Android system shell--HyperTerminal 92

4th Capture Packet 94

4.1 External Packet Capture 94

4.1.1 Configuring the Capture Environment 94

4.1.2 Starting the Wireshark tool 94

4.1.3 Setting the wireless card to promiscuous mode 97

4.1.4 decrypting WEP-encrypted packets 100

4.1.5 Decrypting a WPA-PSK/WPA2-PSK encrypted package 103

4.2 Internal Packet Capture 105

Advantages of 4.2.1 Internal data capture 105

Introduction to 4.2.2 Tcpdump Tools 106

4.2.3 capturing packets for a specified host 107

4.2.4 capturing packets for a specified host and port 109

4.2.5 capturing packets for the specified protocol 110

4.2.6 capturing the Android emulator packet--emulator 110

5th packet Analysis of UDP communication mode 112

5.1 UDP Protocol Analysis 112

5.1.1 Sensitive Information 112

5.1.2 Confirm IP Information 114

5.1.3 Confirm Port Information 119

5.1.4 Filter by Package length 121

5.2 Other UDP-based protocol analysis 125

5.2.1 DNS Protocol Introduction 125

5.2.2 DNS Protocol Analysis 126

6th packet Analysis of TCP communication mode 129

6.1 TCP Protocol Workflow 129

6.2 TCP Protocol Analysis 130

6.2.1 Sensitive information 130

6.2.2 Confirm IP Information 132

6.2.3 Confirm Port Information 135

6.2.4 Confirm Package Length 137

6.2.4 Confirm Window Size 138

6.2.5 confirm the package's flag bit 139

6.3 Other protocol analysis based on TCP protocol 141

6.3.1 FTP Protocol Introduction 142

6.3.2 capturing FTP protocol package 142

6.3.3 get the user name and password of the login FTP service 146

6.3.4 analyzing the FTP download file process package 147

6.3.5 Analysis FTP upload file process 149

6.3.6 reorganization and extraction of FTP-transmitted file contents 151

7th. HTTP protocol Analysis 154

7.1 HTTP Protocol Overview 154

7.1.1 HTTP Workflow 154

7.1.2 HTTP Message Format 154

7.1.3 HTTP Request Method 156

7.2 Get the requested URL 157

7.2.1 Capturing HTTP Packets 157

7.2.2 Requested host 158

URI for 7.2.3 request 160

7.3 Get the content submitted 162

Content submitted by 7.3.1 get mode 162

7.3.2 Post-submitted content 164

7.4 Getting restricted access information 166

7.4.1 Installing the Xplico tool 166

7.4.2 Parsing HTTP protocol Package 166

7.5 Obtaining and utilizing cookie information 174

7.5.1 Installing Greasemonkey Components 174

7.5.2 Creating a cookie Injector script 175

7.5.3 using cookie information in the Wireshark package 176

Appendix A fast 181 ASCII code

Mobile data capture Getting Started tutorial