Android : Capturing HTTP Requests with non-rooted android device

Question

I have an android application which uses a third party jar in it. Http request is sent from third party jar to server when application is running. I need to capture HTTP R

Answer 1

It's 2020 now, for the latest solution, you can use Burp Suite to sniffing https traffic without rooting your Android device.

Steps:

1. Install Burp Suite

2. Enable Proxy

3. Import the certification in your Android phone

4. Change you Wifi configuration to listening to proxy

5. Profit!

I wrote the full tutorial and screenshot on how to do it at here: https://www.yodiw.com/monitor-android-network-traffic-with-burp/

Answer 2

You could install Charles - an HTTP proxy / HTTP monitor / Reverse Proxy that enables a developer to view all of the HTTP and SSL / HTTPS traffic between their machine and the Internet - on your PC or MAC.

Config steps:

• Let your phone and PC or MAC in a same LAN
• Launch Charles which you installed (default proxy port is 8888)
• Setup your phone's wifi configuration: set the ip of delegate to your PC or MAC's ip, port of delegate to 8888
• Lauch your app in your phone. And monitor http requests on Charles.

Answer 3

I just installed Drony, is not shareware and it does no require root on cellphone with Android 3.x or above

https://play.google.com/store/apps/details?id=org.sandroproxy.drony

It intercepts the requests and are shown on a LOG

Answer 4

You can use fiddler as webdebugger http://www.telerik.com/fiddler/web-debugging

Fiddler is a debugging tool from telerik software, which helps you to intercept every request that is initiated from your machine.

Answer 5

you can use burp-suite. do follow below procedure.

Configure the Burp Proxy listener

In Burp, go to the “Proxy” tab and then the “Options” tab.In the “Proxy Listeners" section, click the “Add” button.

In the "Binding" tab, in the “Bind to port:” box, enter a port number that is not currently in use, e.g. “8082”.Then select the “All interfaces” option, and click "OK".

Configure your device to use the proxy

In your Android device, go to the“Settings” menu.

If your device is not already connected to the wireless network you are using, then switch the "Wi-Fi" button on, and tap the “Wi-Fi” button to access the "Wi-Fi" menu.

In the "Wi-Fi networks" table, find your network and tap it to bring up the connection menu.

Tap "Connect".If you have configured a password, enter it and continue.

Once you are connected hold down on the network button to bring up the context menu.Tap “Modify network config”.

Ensure that the “Show advanced options” box is ticked.

Change the “Proxy settings” to “Manual” by tapping the button.

Then enter the IP of the computer running Burp into the “Proxy hostname”.Enter the port number configured in the “Proxy Listeners” section earlier, in this example “8082”.Tap "Save".

Test the configuration

In Burp, go to the "Proxy Intercept" tab, and ensure that intercept is “on” (if the button says “Intercept is off" then click it to toggle the interception status).

Open the browser on your Android device and go to an HTTP web page (you can visit an HTTPS web page when you have installed Burp's CA Certificate in your Android device.)

The request should be intercepted in Burp.

Answer 6

SandroProxy seems to be better than Drony (by the same developer): You can (but do not have to) conveniently view and analyze the traffic in your PC's browser.

Should work in emulators as well.