如何在Wireshark上捕获移动电话流量?
当前回答
在你的电脑上安装Fiddler,并在你的Android设备上使用它作为代理。
来源:http://www.cantoni.org/2013/11/06/capture-android-web-traffic-fiddler
其他回答
Android应用程序实现了一个VPN,记录Android设备上的所有网络流量。您不需要在您的PC上设置任何VPN/代理服务器。不需要根。支持SSL解密,而tPacketCapture不支持。它还包括一个良好的日志查看器。
以下是一些建议:
For Android phones, any network: Root your phone, then install tcpdump on it. This app is a tcpdump wrapper that will install tcpdump and enable you to start captures using a GUI. Tip: You will need to make sure you supply the right interface name for the capture and this varies from one device to another, eg -i eth0 or -i tiwlan0 - or use -i any to log all interfaces For Android 4.0+ phones: Android PCAP from Kismet uses the USB OTG interface to support packet capture without requiring root. I haven't tried this app, and there are some restrictions on the type of devices supported (see their page) For Android phones: tPacketCapture uses the Android VPN service to intercept packets and capture them. I have used this app successfully, but it also seems to affect the performance with large traffic volumes (eg video streaming) For IOS 5+ devices, any network: iOS 5 added a remote virtual interface (RVI) facility that lets you use Mac OS X packet trace programs to capture traces from an iOS device. See here for more details For all phones, wi-fi only: Set up your Mac or PC as a wireless access point, then run wireshark on the computer. For all phones, wi-fi only: Get a capture device that can sniff wi-fi. This has the advantage of giving you 802.11x headers as well, but you may miss some of the packets Capture using a VPN server: Its fairly easy to set-up your own VPN server using OpenVPN. You can then route your traffic through your server by setting up the mobile device as a VPN client and capture the traffic on the server end.
作为Wireshark的替代品/ Android的伙伴,您可以尝试我的开源应用程序PCAPdroid。在非根设备上,它使用VPNService捕获流量,但有一些限制。在根设备上,它的工作方式类似于用户友好的tcpdump。
您可以直接在应用程序中分析连接和数据包负载,也可以将流量以PCAP格式导出到PC上使用Wireshark进行分析。它还有许多其他很酷的功能,试试看吧!
对于iOS设备:
打开终端,简单地写:
rvictl -s udid
它会在Wireshark上打开一个有名字的接口,在我的例子中是rvi0。
udid是iPhone的唯一设备id。
(如何找到我的iOS设备UDID)
除了鲁佩罗精彩的回答之外,还有一个“肮脏”但非常有效的技巧:
对于所有手机,任何(本地)网络:将您的PC设置为Man-In-The-Middle移动设备。
使用Ettercap在您的移动设备和路由器之间进行ARP欺骗,您的所有移动通信将出现在Wireshark中。有关设置细节,请参阅本教程
推荐文章
- 如何删除默认的导航栏空间在SwiftUI导航视图
- 警告:API ' variable . getjavacompile()'已过时,已被' variable . getjavacompileprovider()'取代
- 安装APK时出现错误
- 碎片中的onCreateOptionsMenu
- TextView粗体通过XML文件?
- 如何使线性布局的孩子之间的空间?
- DSL元素android.dataBinding。enabled'已过时,已被'android.buildFeatures.dataBinding'取代
- ConstraintLayout:以编程方式更改约束
- PANIC: AVD系统路径损坏。检查ANDROID_SDK_ROOT值
- 如何生成字符串类型的buildConfigField
- Recyclerview不调用onCreateViewHolder
- 如何在iOS中使用Swift编程segue
- Swift -整数转换为小时/分钟/秒
- Android API 21工具栏填充
- Android L中不支持操作栏导航模式
