Use a remote Wireshark interface to sniff your smartphone traffic with tcpdump and SSH

If you want to sniff the traffic going through your mobile device, a good option is to redirect it to your PC and view it in Wireshark, where you can see the traffic in real time.
To do this, you first need to download a tcpdump binary compiled for ARM, or for whatever architecture your device uses.

These are the steps to mount your device from the PC:

adb root
adb remount

remount of system failed: Permission denied
remount failed

This is a common error. To solve it, run the commands as superuser:

adb shell su -c mount -o rw,remount /system

adb push tcpdump /system/xbin/

Now we need to give tcpdump execute permission (755 is enough; a binary that will run as root should not be world-writable):

adb shell su -c chmod 755 /system/xbin/tcpdump

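On Android, you can install SSHDroid to get an SSH server, which listens on port 2222 by default. Then we pipe the tcpdump output into Wireshark. Here -U flushes each packet as it is captured, -s0 captures whole packets, -w - writes the capture to standard output, and the 'not port 2222' filter keeps the SSH session itself out of the capture: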

ssh root@${ip} -p 2222 tcpdump -U -s0 -w - 'not port 2222' | wireshark -k -i -

tcpdump: Can't open netlink socket 13:Permission denied

Remember to run it with su -c:

ssh root@${ip} -p 2222 su -c tcpdump -U -s0 -w - 'not port 2222' | wireshark -k -i -
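
The procedure above wrapped in a script, as an added example that is not part of the original post: it validates the port before it is placed in the remote command, and probes the stream for a capture-file magic number so a permission failure is reported before Wireshark starts. The function names are hypothetical; it assumes the SSHDroid setup described above (root login, port 2222).

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.

# Print the command to run on the phone. Excluding the SSH port keeps the
# capture from recording the session that carries it (a feedback loop).
# $1 = SSH port, $2 = yes|no (wrap in "su -c"), $3 = extra tcpdump options.
remote_capture_cmd() {
    rc_port=$1
    case $rc_port in   # digits only, at most 5: nothing else reaches the remote shell
        ''|*[!0-9]*|??????*) echo "invalid port: $rc_port" >&2; return 1 ;;
    esac
    if [ "$rc_port" -lt 1 ] || [ "$rc_port" -gt 65535 ]; then
        echo "invalid port: $rc_port" >&2; return 1
    fi
    rc_cmd="tcpdump -U -s0${3:+ $3} -w - 'not port $rc_port'"
    if [ "${2:-no}" = yes ]; then rc_cmd="su -c $rc_cmd"; fi
    printf '%s\n' "$rc_cmd"
}

# Succeed only if stdin starts with a capture-file magic number.
is_pcap_stream() {
    magic=$(od -An -tx1 -N4 | tr -d ' \n')
    case $magic in
        d4c3b2a1|a1b2c3d4) return 0 ;;  # pcap, microsecond timestamps
        4d3cb2a1|a1b23c4d) return 0 ;;  # pcap, nanosecond timestamps
        0a0d0d0a)          return 0 ;;  # pcapng section header block
        *)                 return 1 ;;
    esac
}

# Probe with a single packet, then start the live capture.
# Usage: phone_capture <phone-ip> [ssh-port] [yes|no]
phone_capture() {
    pc_ip=$1; pc_port=${2:-2222}; pc_su=${3:-yes}
    pc_probe=$(remote_capture_cmd "$pc_port" "$pc_su" "-c 1") || return 1
    if ! ssh "root@$pc_ip" -p "$pc_port" "$pc_probe" | is_pcap_stream; then
        echo "remote stdout is not pcap; check su and tcpdump permissions" >&2
        return 1
    fi
    pc_live=$(remote_capture_cmd "$pc_port" "$pc_su") || return 1
    ssh "root@$pc_ip" -p "$pc_port" "$pc_live" | wireshark -k -i -
}
```

The probe waits for one packet that is not SSH traffic, so on an idle phone it returns only once the device sends or receives something.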
