This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

How can I capture traffic in Android and convert pcap file to a plain text file like Wireshark does ?

0

I want to capture traffic in a Android phone using tcpdump in Terminal Emulator, and convert pcap file obtained to a plain text file. Does anyone know how can i do it. Thanks

asked 24 Jul '15, 07:17

Miguel%20Freitas's gravatar image

Miguel Freitas
11224
accept rate: 0%


One Answer:

1
  1. Use tcpdump to read the pcap file, without -w; that will print it as a plain-text file in tcpdump's print format.
  2. Get TShark ported to Android, and read the file with it and the appropriate command-line arguments, such as -V.
  3. Write your own program to duplicate what tcpdump or TShark does.

answered 24 Jul '15, 11:50

Guy%20Harris's gravatar image

Guy Harris ♦♦
17.4k335196
accept rate: 19%

My goal is convert a given pcap file in a plain text file with details of all packet, using a Android phone. Do you know how can I install TShark on my Android phone?

(24 Jul '15, 13:36) Miguel Freitas
1

A quick Web search for "tshark android" didn't find anything. You might have to be the first person to port it, which would involve porting, at minimum, the GLib library (not glibc, this is a library used by GTK+ and also used by non-GUI programs such as TShark and the packet-dissection libraries it uses).

(24 Jul '15, 14:28) Guy Harris ♦♦