Packet capture tool--1 (mobile phone)

 Blog one:

 

I have captured Android phone data packets before by installing software on the phone, capturing the packets, and then transferring them to the computer. It is not intuitive, and going back and forth is very troublesome.

On a whim last night, I wondered: can I use my laptop as a Wi-Fi hotspot and then capture the packets on the wireless network card?

The packet capture tool Wireshark captures packets at the network-card level, so I built a wireless hotspot with the laptop and then selected the wireless network card in Wireshark. When the mobile phone is connected to the laptop's wireless network, a string of captured packets can be clearly seen in the packet capture tool.

 

The main advantage of this method is that it captures only the packets on the wireless network card, which saves much of the work of filtering packets. It makes capturing an Internet phone's sign-in and dialing packets simpler and more convenient!

 

 

Blog two:

Recorded here is a method for capturing the network packets of other clients. It is purely for communication and learning.

  First, install Fiddler2 on the computer; you can find it by searching on Baidu. Android phones need a proxy-settings APK installed. On Apple phones, the built-in proxy settings are enough.

  The following introduces the use of Fiddler to capture network data packets.

 

This mainly covers how to capture network data packets on Android and iPhone phones. For example, this method can be used to capture the network requests of an application (Weibo, WeChat, Moji Weather).

Compared with tcpdump and Wireshark, the advantages of capturing packets this way are:
(1) No root is required.
(2) It works for both Android and iPhone.
(3) The operation is simpler and more convenient (install and configure the first time; after that you only need to set the proxy).
(4) Packets are clearer and easier to read, and Fiddler's UI is simpler and clearer.
(5) HTTPS requests can be viewed.
If you insist on using tcpdump, see: http://www.trinea.cn/android/tcpdump_wireshark/ .

 

One PC is required for assistance. The PC must either be on the same local area network as the mobile phone or have an independent public IP address.
1. Install Fiddler on the PC
Download address: http://www.telerik.com/download/fiddler . The following is a brief introduction to Fiddler:
Fiddler is one of the powerful and easy-to-use web debugging tools. It can record HTTP and HTTPS requests between clients and servers, allowing you to monitor them, set breakpoints, and even modify input and output data. Fiddler includes a powerful event-based scripting subsystem and can be extended using .NET languages. It is often used with Firebug in web development and tuning.
Fiddler works as an HTTP proxy listening on port 8888 on the local machine. When Fiddler starts on the PC, the IE proxy is set to 127.0.0.1:8888 by default. Other browsers need to be set manually, so to monitor Chrome's network requests on the PC, change its proxy to 127.0.0.1:8888. The mobile phone can proxy the HTTP traffic of the entire system by following the settings below.
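
The proxy mechanism described above determines what Fiddler can read: a plain HTTP request reaches the proxy in full, while an HTTPS request reaches it only as a CONNECT tunnel unless HTTPS decryption is enabled. The following Python is an added example, not code from the original post or from Fiddler; `proxy_view` and the sample requests (host `api.example.test`) are constructed for illustration.

```python
from urllib.parse import urlsplit

# Constructed sample requests, as a phone would send them to a proxy on port 8888.
PLAIN_HTTP = (b"GET http://api.example.test/v1/weather?city=bj HTTP/1.1\r\n"
              b"Host: api.example.test\r\nCookie: sid=abc123\r\n\r\n")
HTTPS_TUNNEL = (b"CONNECT api.example.test:443 HTTP/1.1\r\n"
                b"Host: api.example.test:443\r\n\r\n")


def proxy_view(raw: bytes) -> dict:
    """Return what a forwarding HTTP proxy can read from a client's request."""
    head, _, _body = raw.partition(b"\r\n\r\n")
    lines = head.decode("iso-8859-1").split("\r\n")
    parts = lines[0].split(" ")
    if len(parts) != 3:
        raise ValueError(f"malformed request line: {lines[0]!r}")
    method, target, _version = parts
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()

    if method.upper() == "CONNECT":
        # Authority-form target: only host:port is readable. Everything after
        # the proxy's "200" reply is TLS between phone and server, opaque
        # unless the proxy terminates TLS with a certificate the phone trusts.
        host, sep, port = target.rpartition(":")
        if not sep or not port.isdigit():
            raise ValueError(f"bad CONNECT target: {target!r}")
        return {"kind": "tunnel", "host": host, "port": int(port),
                "path": None, "cookie": None, "inner_request_visible": False}

    url = urlsplit(target)
    if not url.scheme or not url.hostname:
        # Origin-form ("GET /path"): the client is not using the proxy.
        raise ValueError(f"not a proxy request: {target!r}")
    path = url.path or "/"
    if url.query:
        path += "?" + url.query
    return {"kind": "plain", "host": url.hostname, "port": url.port or 80,
            "path": path, "cookie": headers.get("cookie"),
            "inner_request_visible": True}


if __name__ == "__main__":
    for sample in (PLAIN_HTTP, HTTPS_TUNNEL):
        print(proxy_view(sample))
```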

 

 

2. Configure Fiddler on PC and mobile phone
(1) Configure Fiddler to allow monitoring of HTTPS.
Open the Fiddler menu item Tools->Fiddler Options, and select decrypt https traffic and ignore server certificate errors, as shown below:

The first time, you will be prompted whether to trust the Fiddler certificate, along with a security reminder. Select yes; afterwards the certificate can be managed in the system's certificate management.

 

 

(2) Configure Fiddler to allow remote connections.
Click connections in the menu shown above and select allow remote computers to connect. The default listening port is 8888; if that port is occupied, a different one can be set. After configuration, you need to restart Fiddler, as shown below:

 

 

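(3) Configure the mobile phone

For Android phones, install a proxy-settings APK. I have always used ProxyDroid; I don't remember the exact link, but it is easy to find on Baidu.

Set the host to the computer's IP address, set the port to 8888, and bind the network to the same local area network. The settings are as shown:

 For iPhone, open the Settings app, go to the proxy option, and configure it basically the same way as ProxyDroid.

 Once configured, the phone's network access can be viewed in Fiddler, for example the Weibo and WeChat network requests shown below:

 

Double-click any request row in the figure above, and the right side shows the request details (Request Header) and the returned content (Response Header and Content), as shown below:

 

Fiddler can display the data returned by a network request in various formats, including Header, TextView (text), ImageView (image), HexView (hexadecimal), WebView (web page view), Auth (Proxy-Authenticate Header), Caching (Header cache), Cookies, Raw (raw data format), JSON (JSON format), and XML (XML format), which is very convenient.

 

To stop network monitoring, remove the proxy setting from the Wi-Fi connection; otherwise the phone will not be able to get online after Fiddler exits.

 

To restore the phone to its no-password state, on Android go to System Settings - Security - Trusted credentials - User and tap the certificate to delete it, or use Clear credentials to delete all user certificates, and then set the password to None.

 

If you only need to monitor one app, combine this with the system's data-usage monitoring and turn off network access permission for the other apps.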
