How to Grab Data Packages on Android System

2017-04-30

I saw a good idea recently. Now let's share it.

This article was migrated from My Own. The original link is https://wudew.com/posts/54

First, confirm the environment

Requirements on Android phones

1. USB debugging has been enabled
2. Your mobile phone has been rooted (you can download it from the websites of major manufacturers), and the system partition (Baidu itself) has been unlocked, and selinux has been turned off (you can download SELinuxModeChanger from Ku'an) (the last two are recommended)
3. Busybox has already been installed (you can download busybox pro from Ku'an), and tcpdump has been installed (it should be brought with you when busybox is installed)
4. Your mobile phone version is neither too old nor too new (recommended)

Requirements on computer

1. The Adb toolkit is installed (Windows itself has a lot of Baidu, and Mac uses brew to install after installing brew（ brew cask install android-platform-tools ））
2. Able to communicate with mobile phones normally (via adb devices Command)
3. Busybox is installed (Baidu itself, so it is recommended to use unix systems such as mac)

Dangdang started

First, create an adb_tcpdump.sh file with the following contents:

 su tcpdump -s zero -w - | nc -l - p  eleven thousand three hundred and thirty-three

Create an adb_wireshark. sh file with the following contents:

 adb shell < adb_tcpdump.sh & sleep one adb forward tcp:11333 tcp:11333 sleep one mkfifo /tmp/sharkfin wireshark -k -i /tmp/sharkfin & nc 127.0.0.1 11333 > /tmp/sharkfin

Then execute sh adb_wireshark.sh OK, note that these two files must be in the same directory

This scheme has been successfully tested in MacOS (brew, wireshark, brew) and Android 7.0 (busybox, root).