如何在Wireshark上捕获移动电话流量?
当前回答
对于iOS设备:
打开终端,简单地写:
rvictl -s udid
它会在Wireshark上打开一个有名字的接口,在我的例子中是rvi0。
udid是iPhone的唯一设备id。
(如何找到我的iOS设备UDID)
其他回答
这里没有建议的另一个选项是在Android模拟器中从Android SDK运行你想监控的应用程序。然后,您可以在同一台机器上使用wireshark轻松捕获流量。
这对我来说是最简单的选择。
以下是一些建议:
For Android phones, any network: Root your phone, then install tcpdump on it. This app is a tcpdump wrapper that will install tcpdump and enable you to start captures using a GUI. Tip: You will need to make sure you supply the right interface name for the capture and this varies from one device to another, eg -i eth0 or -i tiwlan0 - or use -i any to log all interfaces For Android 4.0+ phones: Android PCAP from Kismet uses the USB OTG interface to support packet capture without requiring root. I haven't tried this app, and there are some restrictions on the type of devices supported (see their page) For Android phones: tPacketCapture uses the Android VPN service to intercept packets and capture them. I have used this app successfully, but it also seems to affect the performance with large traffic volumes (eg video streaming) For IOS 5+ devices, any network: iOS 5 added a remote virtual interface (RVI) facility that lets you use Mac OS X packet trace programs to capture traces from an iOS device. See here for more details For all phones, wi-fi only: Set up your Mac or PC as a wireless access point, then run wireshark on the computer. For all phones, wi-fi only: Get a capture device that can sniff wi-fi. This has the advantage of giving you 802.11x headers as well, but you may miss some of the packets Capture using a VPN server: Its fairly easy to set-up your own VPN server using OpenVPN. You can then route your traffic through your server by setting up the mobile device as a VPN client and capture the traffic on the server end.
除了鲁佩罗精彩的回答之外,还有一个“肮脏”但非常有效的技巧:
对于所有手机,任何(本地)网络:将您的PC设置为Man-In-The-Middle移动设备。
使用Ettercap在您的移动设备和路由器之间进行ARP欺骗,您的所有移动通信将出现在Wireshark中。有关设置细节,请参阅本教程
对于Android,我之前使用了tPacketCapture,但它不适用于流媒体视频应用。我现在用的是Shark。你需要root用户才能使用它。
它使用TCPDump(检查您可以传递的参数)并创建一个可以被Wireshark读取的pcap文件。默认参数对我来说通常已经足够好了。
让你的笔记本电脑成为手机(任何手机)的wifi热点,并将其连接到互联网。使用wireshark在wifi接口上嗅探流量。
你会知道很多反隐私的东西!
推荐文章
- Manifest合并失败:uses-sdk:minSdkVersion 14
- 为什么Android工作室说“等待调试器”如果我不调试?
- 是否有可能更新一个本地化的故事板的字符串?
- 以编程方式获取Bundle Identifier
- 如何检查我的EditText字段是否为空?
- 为iPad和iPhone设计输入按钮
- Android从图库中选择图像
- 如何在我的iPhone应用程序中使用NSError ?
- 后台任务,进度对话框,方向改变-有任何100%工作的解决方案吗?
- Android:垂直对齐多行EditText(文本区域)
- Android无尽列表
- Android room persistent: AppDatabase_Impl不存在
- 错误:执行失败的任务':app:compileDebugKotlin'。>编译错误。详细信息请参见日志
- 我的预发行应用已经在iTunes Connect中“处理”了一周多,这是怎么回事?
- 在Android中使用URI生成器或使用变量创建URL