How to capture Android app traffic

Question

How to capture Android app traffic

I am trying to capture traffic from an application on an Android phone, and although I installed a proxy server on the phone and can capture all other Internet traffic coming from the phone (using Charles Proxy), I do not see any traffic for this application.

How to do this and how can I capture traffic?

UPDATE:

If you need help setting up a Wi-Fi access point from your computer, you can connect your phone and Wireshark traffic to it, just look at the following link for routes:
http://www.wi-fiplanet.com/tutorials/article.php/3849841/How-to-Create-Wireless-Hosted-Networks-in-Windows-7.htm
If you want to help decompile your iOS build application, look at this link: http://www.infointox.net/?tag=arm
If you need a better Dex decompiler for Java than dex2jar check this out: https://github.com/skylot/jadx

+8

android proxy reverse-engineering

blizz Feb 13 '14 at 14:41

source share

3 answers

Without shortening your phone, configure a rogue access point in Windows 7 (and higher). Then capture traffic with WireShark and save for further analysis. You can use the same trick for iOS or other WiFi devices. Please see the (My) blog for a detailed documentation of this.

http://mohit.io/blog/windows-capture-analyze-mobile-device-network-traffic/

0

mohit May 20, '14 at 22:27

source share

I highly recommend you use something like "CharlesProxy" (or similar). Remember two things when setting up the proxy server (I hope this is the application you are developing, otherwise make sure you do this, it could be ILEGAL):

1 - If you want to attack from your Android / iOS phone to a proxy server installed on your local computer, you need a proxy server that will be configured to use local IP: PORT (which means that CharlesProxy must be configured as an address like 192.168 .xx if using a normal Wi-Fi network). Then, the Android / iOS phone should set the proxy to the same IP: PORT 2 - If the application uses https, there are several ways to manage HTTPS connections:

a) If your application accepts ALL certificates, this is not a problem for any proxy server to capture and decrypt information. b) If your application accepts only system (and trusted) certificates, you need to export the charlesproxy certificate to your Android phone and add it to the list of trusted user certificates.

c) If your application correctly performs “Attach a certificate”, you will not be able to capture traffic if you do not have a private certificate for your server and you add it both to your phone and to the proxy server configuration.

Hope this helps!

0

zapotec Jun 15 '16 at 8:22

source share

Marcel tricolici · Accepted Answer · 2014-02-13T14:54:21+0000

There are several ways:

Connect the phone to the internal Wi-Fi access point (before connecting, check the additional settings and install a manual proxy server). Note. This method does not work for all network data. Some connections ignore this option.
(works only on root phones). Install the Shark for Root application on your device ... it will capture all the traffic .. it will generate dump files that can be analyzed on your PC using Wireshark software.
The best way: configure your PC as a Wi-Fi access point and force your Android device to use this Wi-Fi connection, and then sniff the traffic using the same Wireshark application.

How to capture Android app traffic

More articles: