Production of the android network monitoring packet capture tool (tcpdump)

I recently developed an android network packet capture tool.

I have searched the internet for a long time.

No clue found

So we need to work hard on the Linux layer.

 

Therefore, tcpdump in Linux is used to implement the packet capture function.

To define tcpdump in a simple way, dump the traffic on a network is a packet analysis tool that intercepts packets on the network according to the user's definition.

 

 

As an essential tool for system administrators on the internet, tcpdump, with its powerful functions and flexible interception policies, becomes one of the essential tools for every senior system administrator to analyze the network and troubleshoot problems.

 

For tcpdump detailed can refer to the http://baike.baidu.com/view/76504.htm? Fr = ala0_1_1 introduction to Baidu encyclopedia

 

Here I will mainly introduce how to use tcpdump on Android

 

I use a cracked version of G2 and a simulator.

 

Specifically, run Linux commands in the APK program.

Tcpdump-p-VV-S 0-W/sdcard/capture. pcap 

In this way, the captured package can be written into a capture. pcap file on the sdcard.

 

This file can be opened on the PC using Wireshark for convenient viewing.

 

 

The specific source code is as follows:

 

Mainhook. Java

Package ZY. hook; <br/> Import Java. io. ioexception; <br/> Import android. app. activity; <br/> Import android. OS. bundle; <br/> Import android. util. log; <br/> public class mainhook extends activity {<br/>/** called when the activity is first created. */<br/> @ override <br/> Public void oncreate (bundle savedinstancestate) {<br/> super. oncreate (savedinstancestate); <br/> setcontentview (R. layout. main); <br /> Try {<br/> // runtime.getruntime(cmd.exe C ("Su "); <br/> // runtime.getruntime(cmd.exe C ("dd If =/sdcard/tcpdump of =/data/local/tcpdump "); <br/> // runtime.getruntime(cmd.exe C ("chmod 6755/data/local/tcpdump "); <br/> runtime.getruntime(cmd.exe C ("tcpdump-p-VV-S 0-W/sdcard/capture. pcap "); <br/> log. I ("run", "Success !!!!!!!!! "); <Br/>}catch (ioexception e) {<br/> // todo auto-generated Catch Block <br/> E. printstacktrace (); <br/> log. I ("run", E. tostring (); <br/>}< br/>} 

 

Androidmanifest. xml

<? XML version = "1.0" encoding = "UTF-8"?> <Br/> <manifest xmlns: Android = "http://schemas.android.com/apk/res/android" <br/> package = "ZY. hook "<br/> Android: versioncode =" 1 "<br/> Android: versionname =" 1.0 "> <br/> <application Android: icon = "@ drawable/icon" Android: Label = "@ string/app_name"> <br/> <activity Android: Name = ". mainhook "<br/> Android: Label =" @ string/app_name "> <br/> <intent-filter> <br/> <action Android: Name =" android. intent. action. main "/> <br/> <category Android: Name =" android. intent. category. launcher "/> <br/> </intent-filter> <br/> </activity> <br/> </Application> <br/> <uses-SDK Android: minsdkversion = "7"/> <br/> <uses-Permission Android: Name = "android. permission. write_external_storage "/> <br/> </manifest> 

In particular, do not forget the permission <uses-Permission Android: Name = "android. Permission. write_external_storage"/>

Statement

 

Run the program and we can capture packets.

 

 

The capture. pcap file is generated on the sdcard.

 

 

After capturing the file for a period of time, export the file from the sdcard

 

Then we use Wireshark to open

 

You can conveniently view the packages we caught.

 

Hope to be useful to everyone

 

 

This article is copyrighted by csdn blogger Zeng Yang

Http://blog.csdn.net/Zengyangtech/archive/2010/08/31/5853366.aspx

Reprinted please note this sentence