Android利用tcpdump抓包
Instructions
http://source.android.com/porting/tcpdump.html
SourceCodeandDocuments
http://www.tcpdump.org/
CompiledBinaryDownload
http://www.strazzere.com/android/tcpdump
数据包分析工具Wireshark
http://www.wireshark.org/download.html
Installingtcpdump
Pushingthebinarytoanexistingdevice
Downloadtcpdumpfromhttp://www.tcpdump.org/,thenexecute:
adb root adb remount adb push /wherever/you/put/tcpdump /system/xbin/tcpdump adb shell chmod 6755 /data/local/tmp/tcpdump
Runningtcpdump
Youneedtohaverootaccessonyourdevice.
Batchmodecapture
Thetypicalprocedureistocapturepacketstoafileandthenexaminethefileonthedesktop,asillustratedbelow:
adb shell tcpdump -i any -p -s 0 -w /sdcard/capture.pcap # "-i any": listen on any network interface # "-p": disable promiscuous mode (doesn't work anyway) # "-s 0": capture the entire packet # "-w": write packets to a file (rather than printing to stdout) ... do whatever you want to capture, then ^C to stop it ... adb pull /sdcard/capture.pcap . sudo apt-get install wireshark # or ethereal, if you're still on dapper wireshark capture.pcap # or ethereal ... look at your packets and be wise ...
YoucanruntcpdumpinthebackgroundfromaninteractiveshellorfromTerminal.Bydefault,tcpdumpcapturesalltrafficwithoutfiltering.Ifyouprefer,addanexpressionlikeport80tothetcpdumpcommandline.
Realtimepacketmonitoring
Executethefollowingifyouwouldliketowatchpacketsgobyratherthancapturingthemtoafile(-nskipsDNSlookups.-s0capturestheentirepacketratherthanjusttheheader):
adb shell tcpdump -n -s 0
Typicaltcpdumpoptionsapply.Forexample,ifyouwanttoseeHTTPtraffic:
adb shell tcpdump -X -n -s 0 port 80