This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Capturing Packets on Mobile

0

I would like to capture packets of the internet traffic of my mobile. I would like to ask that if I install wire shark on my desktop machine, and then make my desktop a wifi hot spot, connect my mobile phone with this desktop powered wifi then Would I be able to capture/analyse packets of my internet traffic of mobile on wire shark at desktop?

Your help is highly appreciated.

asked 04 Nov '13, 23:39

zohaibjabbar's gravatar image

zohaibjabbar
16114
accept rate: 0%


2 Answers:

1

There is software available that turns a Windows (or Linux) system into a wireless access point (please search google). So, if you manage to convert your system into a wireless access point (aka Hotspot) and you run Wireshark on that system, you will/should be able to see the traffic that is forwarded through that system.

Regards
Kurt

answered 05 Nov '13, 05:24

Kurt%20Knochner's gravatar image

Kurt Knochner ♦
24.8k1039237
accept rate: 15%

edited 05 Nov '13, 05:30

Hi Kurt, thanks for you response. I was able to get the traffic. Can you please let me know that how can I identify that which data packet belongs to which application installed on phone? and how can I analyse the data section? thanks again for your time.

(10 Nov '13, 00:26) zohaibjabbar
1

how can I identify that which data packet belongs to which application installed on phone?

You can't as the packets don't contain that information. You may find hints in the packets (IP addresses, DNS, certificates, etc.) that give an idea about the application (google, apple, twitter, whatsapp, etc.) but nothing reliable to identify an application. With root access to the phone you might be able to get more information (like 'netstat -na'), but that's beyond the socpe of this site.

and how can I analyse the data section?

depends on your needs. A simple way:

  • right-click on a packet
  • select "Follow TCP Stream" (same for UDP)

That will show you the transmitted data. If it contains clear text (not encrypted and the like), you can read it. Otherwise (encrypted) there is not much you can analyze.

(10 Nov '13, 03:03) Kurt Knochner ♦

0

Hi, try tPacketCapture , this does no require any rooting of the device, its freely downloadable from the android market place https://play.google.com/store/apps/details?id=jp.co.taosoftware.android.packetcapture&hl=en

Its fast and efficient, there is a paid version with better features.

setting-up hotspot on PC is a cumbersome process

answered 10 Nov '13, 20:20

deepacket's gravatar image

deepacket
31224
accept rate: 0%

edited 10 Nov '13, 20:21