Capturing Mobile Phone Traffic on Wireshark

Here are some suggestions:

  1. For Android phones, any network: Root your phone, then install tcpdump on it. This app is a tcpdump wrapper that will install tcpdump and enable you to start captures using a GUI. Tip: You will need to make sure you supply the right interface name for the capture, and this varies from one device to another, e.g. -i eth0 or -i tiwlan0, or use -i any to log all interfaces.

  2. For Android 4.0+ phones: Android PCAP from Kismet uses the USB OTG interface to support packet capture without requiring root. I haven't tried this app, and there are some restrictions on the type of devices supported (see their page)

  3. For Android phones: tPacketCapture uses the Android VPN service to intercept packets and capture them. I have used this app successfully, but it also seems to affect the performance with large traffic volumes (e.g. video streaming).

  4. For iOS 5+ devices, any network: iOS 5 added a remote virtual interface (RVI) facility that lets you use Mac OS X packet trace programs to capture traces from an iOS device. See here for more details.

  5. For all phones, wi-fi only: Set up your Mac or PC as a wireless access point, then run Wireshark on the computer.

  6. For all phones, wi-fi only: Get a capture device that can sniff wi-fi. This has the advantage of giving you 802.11x headers as well, but you may miss some of the packets

  7. Capture using a VPN server: It's fairly easy to set up your own VPN server using OpenVPN. You can then route your traffic through your server by setting up the mobile device as a VPN client and capture the traffic on the server end.
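
An added example, not part of the original answers: a Python check for a capture file pulled off the phone or written by the sniffer, reporting which link-layer header it carries (tcpdump -i any writes Linux cooked capture, a monitor-mode wi-fi capture carries 802.11 headers) and whether packets were cut off by the snap length. The function names and the sample bytes are constructed for illustration.

```python
import struct

# LINKTYPE_* values from the pcap file format that the capture methods above can produce.
LINKTYPES = {
    1: "Ethernet",
    101: "raw IP, no link-layer header",
    105: "802.11 without radio header (monitor mode)",
    113: "Linux cooked capture, as written by tcpdump -i any",
    127: "802.11 with radiotap header (monitor mode)",
}
MAGICS = {b"\xd4\xc3\xb2\xa1": "<", b"\x4d\x3c\xb2\xa1": "<",   # little-endian, usec / nsec
          b"\xa1\xb2\xc3\xd4": ">", b"\xa1\xb2\x3c\x4d": ">"}   # big-endian, usec / nsec

def inspect_pcap(data):
    """Summarise a classic .pcap file: link type, snap length, packet and truncation counts."""
    end = MAGICS.get(data[:4])
    if end is None or len(data) < 24:
        raise ValueError("not a classic pcap file (pcapng or damaged header)")
    snaplen, network = struct.unpack(end + "II", data[16:24])
    linktype = network & 0xFFFF           # upper bits carry FCS information
    packets = truncated = 0
    pos, incomplete = 24, False
    while pos < len(data):
        if pos + 16 > len(data):
            incomplete = True             # record header cut off, e.g. capture killed mid-write
            break
        incl_len, orig_len = struct.unpack(end + "II", data[pos + 8:pos + 16])
        if pos + 16 + incl_len > len(data):
            incomplete = True             # packet bytes missing at the end of the file
            break
        packets += 1
        truncated += incl_len < orig_len  # snap length was shorter than the packet on the wire
        pos += 16 + incl_len
    return {"linktype": linktype, "description": LINKTYPES.get(linktype, "other"),
            "snaplen": snaplen, "packets": packets,
            "truncated": truncated, "incomplete": incomplete}

def constructed_sample():
    """Constructed capture: cooked-mode header, snaplen 96, one whole and one truncated packet."""
    header = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 96, 113)
    whole = struct.pack("<IIII", 1, 0, 20, 20) + bytes(20)
    cut = struct.pack("<IIII", 2, 0, 96, 1500) + bytes(96)
    return header + whole + cut

if __name__ == "__main__":
    print(inspect_pcap(constructed_sample()))
```

A non-zero truncated count means the capture was taken with a small snap length; running tcpdump with -s 0 captures whole packets.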

How to capture app traffic on Android

There are several ways:

  1. Connect your phone to your internal wifi access point (before connecting, check advanced options and set a manual proxy). Note: this method does not work for all network data; some connections ignore this setting.
  2. (Works on rooted phones only) Install the 'Shark for Root' application on your device. It will capture ALL traffic. It will generate dump files that can be analyzed on your PC using the Wireshark software.
  3. The best way: Set up your PC as a wifi access point and make your Android device use this wifi connection, then sniff the traffic using the same Wireshark application.

Can't see WiFi traffic from my mobile in Wireshark?

The problem I was having was that the wifi card I was using wasn't giving errors when I switched modes, but it didn't support them nonetheless.

Using another card worked.

Thanks!


