The original text comes from the Tingyun Technology Blog: http://blog.tingyun.com/web/article/detail/480
In testing work, packet capture tools are often used for data analysis and verification. The following is a brief introduction to the packet capture tools commonly used at work.
TcpDump packet capture
Tcpdump is a tool that intercepts network packets and prints their contents. With its powerful functions and flexible capture strategies, it has become the preferred tool for network analysis and troubleshooting on UNIX-like systems. It can capture the complete "header" of each packet transmitted on the network for analysis. It supports filtering by network layer, protocol, host, network or port, and provides the logical operators and, or and not to help you filter out useless information. Only users with root privileges can run it directly to capture traffic on the network.
1. Configure the capture environment
1) Download TcpDump
Download address: http://www.strazzere.com/android/tcpdump
2) Configure ADB commands
a) Use Terminal to create a new .bash_profile file in the current user directory to configure environment variables
$ touch .bash_profile
$ open .bash_profile
b) Modify the .bash_profile file to add the adb path
export PATH=${PATH}:/Users/Path/Android/sdk/platform-tools
export PATH=${PATH}:/Users/Path/Android/sdk/tools
c) Verify ADB commands
$ adb version
d) Push the downloaded TcpDump to the /system/etc directory, which stores all system configuration files
$ adb push /Users/Path/tcpdump /system/etc
Note: If you encounter individual models that the file cannot be pushed to, you can use the mount command to mount the system directory
3) Android device obtains Root permission
Here you can use one of the common one-click root tools on the market to unlock root permissions on your phone, such as Master Root, Root Elf, etc.
4) Configure Wireshark
a) Using Wireshark on Mac requires X11 to be installed
http://www.xquartz.org/
After the download is complete, open XQuartz-2.7.8.dmg, select XQuartz.pkg, and continue the installation.
b) Install Wireshark
https://1.na.dl.wireshark.org/osx/Wireshark%202.0.2%20Intel%2064.dmg
After the download is complete, install Wireshark and open Wireshark 2.0.2 Intel 64.pkg to continue the installation.
2. Use TcpDump to capture packets
Capture steps
1) Connect Android device
$ adb shell
2) TcpDump packet capture command
$ tcpdump -p -vv -s 0 -w /sdcard/tcp/tcpdump.pcap
Command parameters
# -p do not set the network interface to promiscuous mode
# -vv output detailed packet information
# -s 0 capture the entire packet
# -w write the packets directly to the file instead of parsing and printing them
3) After capturing the packets, copy the generated .pcap file to the PC
$ adb pull /sdcard/tcp/tcpdump.pcap
3. Use Wireshark for data analysis
Just open the .pcap file with Wireshark
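A quick sanity check on the pulled tcpdump.pcap before opening it in Wireshark, as an added example that is not part of the original article: it parses the classic pcap header and counts packets clipped by the snapshot length (what -s 0 is meant to prevent) and records cut off at the end of the file. The function names and the sample bytes are constructed for illustration.

```python
import struct
import sys

# Classic pcap magic bytes -> struct byte-order prefix
MAGICS = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">",   # microsecond timestamps
          b"\x4d\x3c\xb2\xa1": "<", b"\xa1\xb2\x3c\x4d": ">"}   # nanosecond timestamps

def check_pcap(data):
    """Parse a classic pcap byte string; report snaplen and truncated packets."""
    if len(data) < 24 or data[:4] not in MAGICS:
        raise ValueError("not a classic pcap file (pcapng, empty or corrupt)")
    order = MAGICS[data[:4]]
    # Global header after the magic: version, tz offset, sigfigs, snaplen, link type
    major, minor, _zone, _sigfigs, snaplen, linktype = struct.unpack(
        order + "HHiIII", data[4:24])
    packets = truncated = 0
    offset, cut_short = 24, False
    while offset < len(data):
        header = data[offset:offset + 16]
        if len(header) < 16:
            cut_short = True          # file ends inside a record header
            break
        _sec, _frac, caplen, origlen = struct.unpack(order + "IIII", header)
        if offset + 16 + caplen > len(data):
            cut_short = True          # file ends inside packet data
            break
        packets += 1
        if caplen < origlen:          # the snapshot length clipped this packet
            truncated += 1
        offset += 16 + caplen
    return {"version": (major, minor), "snaplen": snaplen, "linktype": linktype,
            "packets": packets, "truncated": truncated, "cut_short": cut_short}

def sample_pcap():
    """Constructed sample: one complete 60-byte packet, one clipped to 68 of 1500 bytes."""
    head = b"\xd4\xc3\xb2\xa1" + struct.pack("<HHiIII", 2, 4, 0, 0, 68, 1)
    full = struct.pack("<IIII", 1, 0, 60, 60) + bytes(60)
    clipped = struct.pack("<IIII", 2, 0, 68, 1500) + bytes(68)
    return head + full + clipped

if __name__ == "__main__":
    # Pass the pulled file as the first argument; otherwise use the constructed sample
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:
            raw = fh.read()
    else:
        raw = sample_pcap()
    print(check_pcap(raw))
```

A non-zero "truncated" count means payloads are incomplete and the capture should be repeated with -s 0; "cut_short" set to True usually means the file was pulled while tcpdump was still writing it.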