This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

texts through home router

0

Is it possible to capture the content of texts (iMessage, SMS, etc.) sent through my home router?

asked 23 Oct '13, 12:15

ridehrd's gravatar image

ridehrd
11112
accept rate: 0%

Idon't know what iMessage is but SMS is probably not sent trough your home router but rather trough the Mobile network.

(23 Oct '13, 13:25) Anders ♦

iMessage is the Apple instant messaging app which will be going over your home LAN. This Apple KB says which ports it uses, but I suspect as both 443 and 5223 are SSL connections, even if you can capture the packets the contents will be scrambled.

(24 Oct '13, 04:12) Mike the TV

2 Answers:

1

The capture method would be different depending on the protocol.

SMS: These are, in almost all cases, exclusively sent to your mobile carrier network. Further, they are sent over a control/signaling channel from your device, and not over any TCP/IP data session. From the device perspective, for either LTE or previous radio access networks (UMTS, GSM) the protocol stack would be RRC/NAS/GSM_SMS, where "RRC" or "Radio Resource Control" is a logical radio channel for your device to send control/signaling messages toward the cell tower, "NAS" or "Non-Access Stratum" is any type of control or signaling message that the device wants the radio network to tunnel toward the mobile "Core" network, and within that "non-access" message an SMS message is sent. Because SMS is sent over control channels, you would need special device analysis tools to trace the traffic, and those tools would be chipset-dependent (eg: a device that uses a Qualcomm chipset could use a tool such as Qualcomm QXDM to analyse this traffic).

MMS: This type of message is sent over a TCP/IP network connection to a web proxy, and your device's MMS configuration settings should have the IP/port details of the web proxy it is connecting to to send or receive the messages. Note, the IP network you use to reach the web proxy would be an address inside your carrier's network, so it would not be possible to use traditional MMS over Wifi (over the Internet, you would not have IP connectivity to a carrier's MMS web proxy). So, you'd need to trace data sent over the radio network in user-plane data channels, and again would need special analytical tools to do that. NOTE also that aside from the user-plane component, when you receive an MMS the reality is that you're receiving a background SMS message (as described above), where it tells the phone to initiate an MMS data session with the web proxy to receive the new MMS.

iMessage: This can be sent over Wifi, but I don't think there is any case where it would be clear-text.

For reference, here are the latest whitepapers for SMS and MMS respectively from the 3GPP. They are both huge topics to walk into, but the short of it is that SMS is based on the SS7 protocol stack rather than TCP/IP, and its really a whole other world of (legacy) networking. In a sense, sending an SMS is more like making a phone call than it is like sending an IP packet to trace: http://www.etsi.org/deliver/etsi_ts/123000_123099/123040/10.00.00_60/ts_123040v100000p.pdf http://www.etsi.org/deliver/etsi_ts/123100_123199/123140/06.16.00_60/ts_123140v061600p.pdf

answered 03 Nov '13, 12:08

Quadratic's gravatar image

Quadratic
1.9k6928
accept rate: 13%

edited 03 Nov '13, 12:09

0

You CAN capture the iMessage data if it is being sent over the WiFi and not over the mobile network. However, it will be encrypted, so you will not see the actual text messages.

answered 03 Nov '13, 03:38

SYN-bit's gravatar image

SYN-bit ♦♦
17.1k957245
accept rate: 20%