Will the Wireshark developers release an iPad application? asked 10 Aug '11, 09:29 kmcintosh78 edited 10 Aug '11, 15:58 Guy Harris ♦♦ |
One Answer:
Someday, perhaps, as long as you wouldn't mind not being able to capture any traffic with it - just downloading pcap files from elsewhere and looking at them - or wouldn't mind having to have a jailbroken iPad on which to run Wireshark if you want to capture traffic on the iPad. By default, capturing network traffic in Darwin, the OS core of both Mac OS X and iOS, requires root privileges; I think one could safely say that the chances that Apple would approve an application requiring root privileges are so close to zero as to be indistinguishable from zero. Even if Apple were to change that, so that code running as the user (at least at one point, applications apparently ran as the user "mobile" in iOS) were allowed to open BPF devices, they would probably do so by sandboxing the ability to open BPF devices by default, and only approve selected applications to open BPF devices, which would require that the sandboxing mechanism allow that. In addition, the user interface would probably have to be rethought for the smaller screen, and lack of overlapping windows, for the iPad. A program to read captures, without being able to capture traffic, could probably be written for a non-jailbroken iPhone or iPad. It would not support C plugins, given that So even an iOS version of Wireshark incapable of capturing packets is unlikely to exist soon. answered 10 Aug '11, 15:56 Guy Harris ♦♦ edited 17 Jan '13, 11:24 |
I highly doubt it. That requires too much development effort IMHO. Plus, I don't think Apple would ever approve it.
So Pirni + a hypothetical iOS-ported Wireshark ver or equiv would still be pointless? Pirni packcaps via a basic MITM, i just would like to analyze the dump file while still on the iOS device.