Capture network traffic generated by an android app

I want to capture the network traffic generated by an event activated on the GUI (e.g. a pressed button) of an android app (file .apk) installed on an AVD. First I captured the system calls of the process using the strace command in the adb shell (I've obtained the PID of the process using the ps command):

strace -f -tt -s 200 -p 27707 -o syscallcap.txt

Then I analyze the txt file, but the main thread (27707) receives data (or sends data) - system call recvfrom (sendto or sendmsg) - from an unknown process (the last two fields are NULL):

27707 19:06:29.441356 recvfrom(72, "nysv\0\0\0\0}\323\33{\370\r\0\0W\36\1\0\0\0\0\0", 2400, MSG_DONTWAIT, NULL, NULL) = 24

How can I understand what system calls are important for my purposes? How can I capture the http/tcp/udp network traffic of an android app installed on the emulator starting from the system call? Any advice or idea is welcome, because it's for a thesis project.

Well, there are two ways that I know to log network traffic of a device.

IPTABLES

IPTables is a firewall application for the Linux Netfilter module, used to configure chains and rules. We use iptables to intercept and redirect traffic to our internal proxy server, which then relays the traffic to the configured proxy server.

Requires ROOT

Android firewall with VpnService

Using this method you can implement tunneling in your application which will log all the network traffic.

The links provided should give you a direction.

Now, for mapping traffic from the foreground app, all apps have a unique app id which can be used to set/monitor a chain to log its traffic.
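
An added example (not part of the original question or answer): a Python filter over `strace -f -tt -o` output like the capture in the question, which records the descriptors that `connect` to an AF_INET/AF_INET6 address and reports only the I/O on those. The function name `network_io` is hypothetical, every sample line after the first is constructed, and it assumes all traced threads share one fd table.

```python
import re

# Line 1 is the recvfrom quoted in the question; the remaining lines are constructed
# sample data in the same format (10.0.2.2 is the emulator's alias for the host machine).
SAMPLE = r'''27707 19:06:29.441356 recvfrom(72, "nysv\0\0\0\0}\323\33{\370\r\0\0W\36\1\0\0\0\0\0", 2400, MSG_DONTWAIT, NULL, NULL) = 24
27731 19:06:30.102113 socket(AF_INET, SOCK_STREAM, IPPROTO_TCP) = 75
27731 19:06:30.102840 connect(75, {sa_family=AF_INET, sin_port=htons(80), sin_addr=inet_addr("10.0.2.2")}, 16) = -1 EINPROGRESS (Operation now in progress)
27731 19:06:30.110254 sendto(75, "GET /api/ping HTTP/1.1\r\nHost: 10.0.2.2\r\n\r\n", 42, MSG_NOSIGNAL, NULL, 0) = 42
27731 19:06:30.131907 recvfrom(75, "HTTP/1.1 200 OK\r\nContent-Length: 2\r\n\r\nok", 4096, 0, NULL, NULL) = 40
27731 19:06:30.140000 close(75) = 0
'''

# "<tid> <HH:MM:SS.usec> <syscall>(<args>) = <ret>" as written by strace -f -tt -o
LINE = re.compile(r'^(\d+)\s+(\d\d:\d\d:\d\d\.\d+)\s+(\w+)\((.*)\)\s+=\s+(-?\d+)')
ADDR = re.compile(r'sa_family=(AF_INET6?), sin6?_port=htons\((\d+)\)')
IO_CALLS = {"sendto", "sendmsg", "write", "recvfrom", "recvmsg", "read"}

def network_io(trace):
    """Return (time, tid, syscall, fd, peer, nbytes) for I/O on fds connected over IP."""
    peers = {}    # fd -> "ip:port"
    events = []
    for line in trace.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # signals and "<unfinished ...>" / "resumed" fragments are skipped
        tid, ts, call, args, ret = m.groups()
        fd_m = re.match(r'(\d+)', args)
        fd = int(fd_m.group(1)) if fd_m else None
        if call == "connect":
            a = ADDR.search(args)
            # A non-blocking connect returns -1 EINPROGRESS but still opens the connection.
            if a and (ret == "0" or "EINPROGRESS" in line):
                ip = re.search(r'"([^"]+)"', args)
                peers[fd] = f"{ip.group(1) if ip else '?'}:{a.group(2)}"
        elif call == "close":
            peers.pop(fd, None)
        elif call in IO_CALLS and fd in peers and int(ret) > 0:
            events.append((ts, int(tid), call, fd, peers[fd], int(ret)))
    return events

if __name__ == "__main__":
    for event in network_io(SAMPLE):
        print(event)
```

Descriptors opened before strace attached, such as fd 72 here, have no recorded `connect` and are not reported. Payloads of TLS connections are ciphertext at this layer.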
