On Device Packet Capture

Lead Hacker — Thu, 05 Aug 2010 15:36:55 +0000

When I need to capture network traffic from my device I normally capture traffic at a router to see what’s going on. I had seen some mentions of running tcpdump on device and pulling off the pcap file to a desktop to inspect, but Androshark was what people mentioned the most. And it didn’t seem to be actively developed any more. I ran across Shark for Root and Sharkreader recently however. It’s an app for packet capture and a simple packet capture viewer directly on the device. Works out pretty well. Requires root access, and it seems to be working quite well on my Nexus One with CM6. Screenshots below.

Start/stop capture, writes to the sdcard by default:

View packet dump stream:

View contents of an individual packet:

Monitoring Network Traffic Using OS X

Lead Hacker — Mon, 01 Jun 2009 23:19:31 +0000

Here’s a tip for monitoring network traffic from your Android phone using OS X. The same thing works for iPhone (or any other mobile device you can configure to use a wifi connection). I frequently use it to see how some bit of client/server interaction is done.

Install Wireshark
Follow the instructions in the readme to also install the ChmodBPF script
Under Sharing area of the OS X settings app configure your system to use an ethernet connection and share it out to wifi clients
Now configure your device to connect to the wifi network provided by your system, test to make sure it works
Startup Wireshark and set it to capture traffic (wifi is en1 on MacBook Pro systems, what I normally use)

And that’s it, you should now get quite readable dumps of what applications are doing to communicate. Lots of interesting things you can learn digging into how folks structure their client/server interaction.

Droid Hacks » wireshark

On Device Packet Capture

Monitoring Network Traffic Using OS X