问题
In order to learn how other applications connect to internet services I would like to monitor the traffic via Wireshark on my Linux PC. I know there are Wireshark tools for Android, but these require that the phone is rooted which mine isn't.
I have read several places that if the phone and the pc running wireshark use the same wifi connection, it is possible to monitor the traffic from Wireshark on the pc if it is running in promiscous mode.
I have tried that but I can't see any traffic except this:
77 4.638965 ZygateCo_4f:70:27 Htc_b7:a4:78 LLC I, N(R)=0, N(S)=92; DSAP 0xe2 Individual, SSAP 0x36 Response
Apart from these lines (which I have no clue what means) there is no traffic from the phone to see in Wireshark.
Are the further steps to perform in order to have this setup working?
Alternatively, are there other ways to intercept the traffic on a un-rooted phone?
(One way is to setup the pc as an access point and then connect the phone to it, but I have not succeeded in setting up my linux pc (Debian) as an AP)
回答1:
WireShark monitors only netwrok card on your computer. However, you can monitor the traffic from your phone by using hub. Follow these steps to do this:
- Connect your ethernet cable (internet) to the uplink port of the hub.
- Connect ur computer that runs wireshark to one of the port on the hub.
- Use another port on the hub and connect it to a router that has wifi.
- Connect your phone to the wireless router.
- run wireshark!
The reason of using hub is because a hub does forward traffic to all ports.
来源:https://stackoverflow.com/questions/6904795/using-wireshark-on-the-pc-to-monitor-traffic-on-the-android-phone