Use tcpdump to capture Android network packets
1. Packet capture principle
tcpdump (which must be run as the root user) intercepts and displays the TCP/IP and other packets sent or received over the network by the machine it runs on. In short, it monitors the phone's incoming and outgoing network data.
2. Advantages and disadvantages of the method
2.1 Advantages
1. No packets to or from the phone are missed
2.2 Disadvantages
1. Cannot capture packets in real time
2. The Android SDK must be installed on your computer
3. The test phone must have root permission.
4. tcpdump must be installed on the test phone.
3. Installation and preparation
3.1 Obtain root permission on the phone
There are currently many root tools for Android phones. You can download any flashing tool from the Internet, such as Flash Genie or a one-click root tool.
3.2 Install the Android SDK on your computer
http://developer.android.com/sdk/index.html
Decompress the downloaded file to install it, and then configure the environment variables. Currently, my colleagues have installed and configured the environment.
3.3 Install tcpdump on the phone
tcpdump: http://www.strazzere.com/android/tcpdump
4. Tool installation
1. Connect the Android phone to the computer via USB and open a Windows Command Prompt window.
2. Check whether the phone is connected properly:
adb devices # check whether the phone is connected
* Execution record *:
NOTE 1: The phone connection has been checked to be normal.
3. Use adb shell to log in to the phone and modify the permissions of /data/local.
adb shell # log in to the phone
su # switch to the root user
chmod 777 /data/local/ # modify the directory permissions, then press Ctrl + C to exit the adb shell
4. Copy the tcpdump program to the Android phone.
adb push tcpdump /data/local/ # the tcpdump file is stored in the root directory of the drive; /data/local/ is the target path on the phone
(On some phones the copy may fail. In that case, push to a deeper directory: adb push tcpdump /data/local/tmp/)
You can also use a file browser tool to copy the file.
* Execution record * (Steps 1 to 2)
5. Log in to the phone with adb and make tcpdump executable:
adb shell # log in to the phone
su # switch to the root user
chmod 777 /data/local/tcpdump # add executable permission
5. Example
1. Connect to the phone via USB, switch to the root user, and run the packet capture command:
adb shell # log in to the phone
su # switch to the root user
/data/local/tcpdump -p -vv -s 0 -w /sdcard/Mcart001.pcap # run the packet capture (-p: no promiscuous mode, -vv: verbose, -s 0: capture whole packets, -w: write raw packets to a file) and save the result to Mcart001.pcap on the SD card
2. Operate the app to generate request data.
3. Press Ctrl + C to stop the packet capture and exit.
4. Export the packet capture result to the computer:
adb pull /sdcard/Mcart001.pcap E
5. Use Wireshark or other tools to analyze the packet capture file Mcart001.pcap.
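As a scriptable complement to step 5, the following added example (not part of the original article) parses a classic pcap file such as the one written by tcpdump -w, checks that -s 0 left no packet truncated, and counts packets per destination address and port so that cleartext port 80 traffic stands out. The function names, the sample addresses and the snaplen value in the sample are constructed for illustration.

```python
import socket
import struct
from collections import Counter

def summarize_pcap(data):
    """Return (snaplen, truncated_packets, Counter{(proto, dst_ip, dst_port): n})."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(data[:4])
    if endian is None:
        raise ValueError("not a classic pcap file")
    snaplen, linktype = struct.unpack(endian + "II", data[16:24])
    l2_len = {1: 14, 113: 16}.get(linktype)  # Ethernet, Linux cooked capture
    if l2_len is None:
        raise ValueError("unsupported link type %d" % linktype)
    flows, truncated, off = Counter(), 0, 24
    while off + 16 <= len(data):
        incl, orig = struct.unpack(endian + "II", data[off + 8:off + 16])
        frame = data[off + 16:off + 16 + incl]
        off += 16 + incl
        truncated += incl < orig  # stored bytes < bytes on the wire: snaplen too small
        ip = frame[l2_len:]
        # Both link types keep the EtherType in the last 2 bytes of the header.
        if frame[l2_len - 2:l2_len] != b"\x08\x00" or len(ip) < 20:
            continue  # not IPv4
        ihl = (ip[0] & 0x0F) * 4
        proto = {6: "tcp", 17: "udp"}.get(ip[9])
        if proto is None or ihl < 20 or len(ip) < ihl + 4:
            continue
        dport = struct.unpack("!H", ip[ihl + 2:ihl + 4])[0]
        flows[(proto, socket.inet_ntoa(ip[16:20]), dport)] += 1
    return snaplen, truncated, flows

def _record(proto, dst_ip, dport, cut=0):
    """Constructed pcap record: Ethernet/IPv4 frame, optionally cut short by `cut` bytes."""
    l4 = struct.pack("!HH", 40000, dport) + b"\x00" * 16
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0,
                     socket.inet_aton("192.0.2.10"), socket.inet_aton(dst_ip))
    frame = b"\x00" * 12 + b"\x08\x00" + ip + l4
    return struct.pack("<IIII", 0, 0, len(frame) - cut, len(frame)) + frame[:len(frame) - cut]

# Constructed sample capture (documentation addresses), not data from a real phone.
SAMPLE = (struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 262144, 1)
          + _record(17, "198.51.100.53", 53)
          + _record(6, "203.0.113.7", 80) + _record(6, "203.0.113.7", 80)
          + _record(6, "203.0.113.8", 443, cut=10))

if __name__ == "__main__":
    import sys
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE
    print(summarize_pcap(data))
```

Pass the pulled Mcart001.pcap as the first argument to summarize a real capture. Packets sent to the phone are counted under the phone's own address as destination.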