Capturing packets on Android with tcpdump
2013-11-21 15:09
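I recently found an Android packet-capture tool on the app markets, "抓包大师", that works well and saves the tedium of typing commands. It can be downloaded through 360 Mobile Assistant or Wandoujia.
If you enjoy the feel of typing on a keyboard, the command-line method described below is for you: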
1. The phone must be rooted
2. Download tcpdump
3. adb push c:\wherever_you_put\tcpdump /data/local/tcpdump
4. adb shell chmod 6755 /data/local/tcpdump
5. Run adb shell, then su to obtain root privileges
6. cd /data/local
7. adb shell "su -c '/data/local/tcpdump -i any -p -s 0 -w /sdcard/capture.pcap'"
Command parameters:
# "-i any": listen on any network interface
# "-p": disable promiscuous mode (doesn't work anyway)
# "-s 0": capture the entire packet
# "-w": write packets to a file (rather than printing to stdout)
... do whatever you want to capture, then ^C to stop it ...
8. adb pull /sdcard/capture.pcap d:/
9. Open capture.pcap in Wireshark on the PC to analyze the captured packets
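A quick sanity check of the pulled capture.pcap before opening it in Wireshark, as an added example that is not part of the original post. Because the capture uses -i any, frames carry the Linux "cooked" header instead of Ethernet, so the parser handles both; the function names and the sample bytes are constructed here.

```python
import struct

# link type -> (link header length, offset of the 2-byte protocol field)
LINK_LAYOUT = {1: (14, 12),     # Ethernet
               113: (16, 14),   # LINUX_SLL: "cooked" header written for -i any
               276: (20, 0)}    # LINUX_SLL2: newer cooked header

def tcp_ports(frame, hdr_len, proto_off):
    """Return (src_port, dst_port) for an unfragmented IPv4/TCP frame, else None."""
    ip = frame[hdr_len:]
    if len(ip) < 20 or frame[proto_off:proto_off + 2] != b"\x08\x00":
        return None
    ihl = (ip[0] & 0x0F) * 4
    if ip[9] != 6 or len(ip) < ihl + 4:
        return None
    return struct.unpack("!HH", ip[ihl:ihl + 4])

def summarize_pcap(data, port=80):
    """Validate a classic pcap file and count packets to/from one TCP port."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\x4d\x3c\xb2\xa1": "<",
              b"\xa1\xb2\xc3\xd4": ">", b"\xa1\xb2\x3c\x4d": ">"}.get(data[:4])
    if endian is None or len(data) < 24:
        raise ValueError("not a classic pcap file")
    snaplen, linktype = struct.unpack(endian + "II", data[16:24])
    layout = LINK_LAYOUT.get(linktype & 0xFFFF)
    out = {"linktype": linktype & 0xFFFF, "snaplen": snaplen,
           "packets": 0, "truncated": 0, "port_hits": 0}
    pos = 24
    while pos + 16 <= len(data):
        incl_len, orig_len = struct.unpack(endian + "II", data[pos + 8:pos + 16])
        frame = data[pos + 16:pos + 16 + incl_len]
        if len(frame) < incl_len:
            break  # file ends mid-record (e.g. pulled before tcpdump was stopped)
        pos += 16 + incl_len
        out["packets"] += 1
        out["truncated"] += incl_len < orig_len  # non-zero: snaplen cut packets short
        ports = tcp_ports(frame, *layout) if layout else None
        out["port_hits"] += bool(ports and port in ports)
    return out

def constructed_sample():
    """Constructed input: one LINUX_SLL frame with a TCP segment to port 80."""
    sll = struct.pack("!HHH8sH", 4, 1, 6, b"\x02\x00\x00\x00\x00\x01\x00\x00", 0x0800)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 1, 0, 64, 6, 0,
                     bytes([10, 0, 0, 2]), bytes([192, 0, 2, 10]))
    tcp = struct.pack("!HHIIBBHHH", 40000, 80, 0, 0, 0x50, 0x02, 65535, 0, 0)
    frame = sll + ip + tcp
    header = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 262144, 113)
    record = struct.pack("<IIII", 0, 0, len(frame), len(frame))
    return header + record + frame
```

For a real capture, pass the file contents, for example summarize_pcap(open("capture.pcap", "rb").read()); a non-zero "truncated" count means packets were cut at the snapshot length.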
Execute the following if you would like to watch packets go by rather than capturing them to a file (-n skips DNS lookups; -s 0 captures the entire packet rather than just the header):
adb shell tcpdump -n -s 0
Typical tcpdump options apply. For example, if you want to see HTTP traffic:
Listen for HTTP only:
adb shell tcpdump -X -n -s 0 port 80
Based on the information above, write a .bat file to run the capture (the tcpdump file must be in the current directory).
Start tcpdump
adb push tcpdump /data/local/tcpdump
adb shell chmod 6755 /data/local/tcpdump
adb shell rm -r /sdcard/capture.pcap
adb shell /data/local/tcpdump -i any -p -s 0 -w /sdcard/capture.pcap
pause
Download the tcpdump capture file to the PC
adb pull /sdcard/capture.pcap capture.pcap
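Problem: on some rooted devices, adb shell does not start as the root user by default and you have to type su to switch to root, which causes problems when running the batch file. The workaround is as follows: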
adb shell "su -c 'sleep 1'"
adb start-server
adb push tcpdump /data/local/tcpdump