When writing Android applications that heavily rely on networking it can sometimes be useful to inspect the network traffic going out and coming into your device. Especially when writing applications that implement networking protocols (like ftp, smtp, ssh, xmpp,..) the ability to inspect packets at TCP-level is invaluable. The following guide will show you how to do this on your Android device.
Prerequisites
What you’ll need in order to do this:
- an Android device connected to your computer via USB
- root access on your device. Visit XDA developer forums for guides on how to gain root access
- the Android SDK (downloadable from http://developer.android.com/sdk/index.html)
- the tcpdump binary compiled for ARM cpus. (downloadable from here, credit goes out to the developer at http://nerdjusttyped.blogspot.com/2009/03/android-binary-solo.html)
- if you want you can cross-compile the tcpdump sources yourself
Procedure
First you have to get the tcpdump binary on the device. Execute the following adb push command in a terminal from your SDK/tools directory.
$ ./adb push /home/steven/tcpdump-arm /data/local/
Next login to your device by executing the following adb shell command
$ ./adb shell
Once logged in to your device, navigate to the directory where you stored the tcpdump binary and gain root privileges.
$ cd data/local $ su
Start the tcpdump binary and save the captured packets to file.
$ tcpdump-arm -s 0 -w out.txt
The -s 0 argument is necessary to capture the whole packets instead of only the first x bytes. The -w out.txt writes the captured packets to file.
Every network packet that passes your network connection will be recorded in the file out.txt. Now you can launch the app you’re debugging (if it isn’t already running) and use the functionality of which you want to inspect the network traffic.
When you think you have captured enough network traffic for analysis, press Ctrl+C in your terminal to stop the tcp-dump process.
Copy the resulting file out.txt back to your computer by exiting the device shell and executing the adb pull command.
$ exit $ ./adb pull /data/local/out.txt /home/steven/out.txt
That’s it, you’re done. Now you can either analyse the network traffic by hand by reading the file with your favorite text editor or you can load it into a network analysis tool like Wireshark.
Happy debugging!
Pingback: Tweets that mention VBSteven.be » Android debugging: Capturing network traffic with tcpdump -- Topsy.com
Pingback: Barış Efe Yazıyor » Android telefonlarda network trafik gözlemleme
ahhhhhh very good, bookmarked
keep it up, JusyKassy. adult sex toys male toys
awasome post!! thank you for sharing.
Your internet site is loading average for me. May just be my isp but i don’t know… anyways great read. Quite helpful, thanks so much. Is going to be certain to bookmark your blog for future reference
Cheers for the info buddy. Im going to bookmark your site in Digg if thats okay…