Using tcpdump to capture packets on Android

To analyze the network traffic of an app on Android, you need to capture packets on the phone itself. The most commonly used packet capture tool is tcpdump. tcpdump writes pcap files that Wireshark can read: capture on the phone, download the pcap file to a computer, open it in Wireshark, and analyze the captured data there.

1. Install tcpdump

To install tcpdump on an Android phone, the phone must first be rooted. The root tools commonly available today are foolproof and powerful. It is recommended to use the root wizard. Once the phone is rooted, tcpdump can be installed on it.

First, download the tcpdump file from: http://xiazai.jb51.net/201502/other/tcpdump.rar

2. Capturing packets using tcpdump

Reopen a terminal and execute the following command

3. Install Wireshark and analyze pcap files

Download the Wireshark build for your system from the Wireshark website, https://www.wireshark.org/, and run the installer. Then find the 1.pcap file you just downloaded and double-click it; Wireshark will open it automatically. Enter the following filter conditions in Wireshark's filter to analyze data sources more conveniently.
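
One way to carry out steps 1 to 3 from the computer over adb, as an added example that is not the original article's commands. Assumptions: the extracted binary is at `./tcpdump`, the device paths `/data/local/tmp/tcpdump` and `/sdcard/1.pcap`, root access through `su -c`, and a capture that stops after 2000 packets.

```shell
#!/usr/bin/env bash
# Added example (not from the article): install tcpdump on a rooted phone,
# capture to a pcap file, and pull it to the computer for Wireshark.
# Usage: ./capture.sh run      (DRY_RUN=1 ./capture.sh run only prints the plan)
set -u

TCPDUMP_LOCAL="${TCPDUMP_LOCAL:-./tcpdump}"  # assumed: binary extracted from the download
TCPDUMP_DEV="/data/local/tmp/tcpdump"        # assumed install path on the phone
PCAP_DEV="/sdcard/1.pcap"                    # assumed capture path on the phone
PCAP_HOST="1.pcap"                           # file opened in Wireshark in step 3
PACKETS="${PACKETS:-2000}"                   # assumed: stop after this many packets

# Execute a command, or just print it when DRY_RUN=1.
run() {
  if [ "${DRY_RUN:-0}" = "1" ]; then
    printf '%s\n' "$*"
  else
    "$@"
  fi
}

# Step 1: copy the binary to the phone and make it executable (needs root).
install_tcpdump() {
  run adb push "$TCPDUMP_LOCAL" "$TCPDUMP_DEV" &&
  run adb shell "su -c 'chmod 755 $TCPDUMP_DEV'"
}

# Step 2: capture on all interfaces (-i any), no promiscuous mode (-p),
# full packets (-s 0), stop after $PACKETS packets (-c), write pcap (-w).
capture() {
  run adb shell "su -c '$TCPDUMP_DEV -i any -p -s 0 -c $PACKETS -w $PCAP_DEV'"
}

# Step 3: download the capture so Wireshark can open it.
fetch_pcap() {
  run adb pull "$PCAP_DEV" "$PCAP_HOST"
}

main() {
  install_tcpdump && capture && fetch_pcap
}

if [ "${1:-}" = "run" ]; then main; fi
```

Generate the app traffic you want to inspect while step 2 is running; the script continues to the pull once the packet limit is reached.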
