问题
I'm trying to reverse engineer one Android app's traffic and it's using sockets, xmpp or something else, but not http(s) on some features. I know this because Charles does not see some requests, but data is definitely coming from the server for sure (e.g. chat messages).
Android allows to set http(s) proxy, not socks. ProxyDroid doesn't work on genymotion, because it's x86 and ProxyDroid doesn't support that. Tried Drony app on genymotion, which supposedly should allow socks proxy, but once I try turning it on, the whole emulator restarts (probably crashes).
So how do I sniff/trace/inspect sockets traffic on Genymotion/Android emulator?
回答1:
You might have better luck by doing it on the host side, ie from the Windows/Mac/Linux machine running Genymotion.
The basics
Install Wireshark
Start Wireshark and select the network interface which connects you to the Internet (or to the server you are interested in). For me it is
wlp1s0.
- Tell Wireshark you only want traffic going from your device to the server you are interested by entering
ip.dst == <server-ip>in the filter line. Now go back to your device and use the application which communicates with the server. Traffic should appear in Wireshark. Here I am browsing my web site, whose IP address is 5.135.144.176:
Note that if Wireshark knows about the protocol used by the server, you can filter it. Here is the same output with the http filter:
Watching only traffic from the device
With the current setup, if you access the server from your host, this traffic will be logged by Wireshark as well. To avoid that you need to do the following:
- Configure your device in Bridge mode: stop the device, open its settings dialog and select Bridge:
- Get the device IP address: restart the device, open the "Settings" application and go to "About phone > Status", note the IP address:
- Add this IP address to the filter line in wireshark, like so:
ip.src == <the-device-ip> and ip.dst == <the-server-ip>.
来源:https://stackoverflow.com/questions/48062494/how-to-sniff-non-http-traffic-sockets-on-genymotion-android-emulator