My first post is going to be on using tcpdump in Android. First, I have an executable file of tcpdump which is precompiled for Android, so if you are a lazy guy like me, go and pull the image and start using it.
Tcpdump Usage
Tcpdump usage is pretty simple. For those who are experts at it, forgive me for posting such a meagre portion of its power.
There are various ways of using tcpdump, and here is a set which just talks about using it based on source and destination port numbers.
To capture all traffic with host churchward as source or destination address
tcpdump host churchward
To capture all traffic with the TCP or UDP source or destination port number 10008
tcpdump port 10008
To capture all traffic with the source address churchward
tcpdump src host churchward
To capture all traffic with the destination TCP or UDP port 10008
tcpdump dst port 10008
To capture all TCP traffic with the source address churchward
tcpdump tcp src host churchward
To capture all traffic with the destination UDP port 10008
tcpdump udp dst port 10008
The above instructions were cherry picked from here
Note: The above executable has been tested on a development phone and also on the emulator, and it has worked as expected on both occasions.
Instructions to capture packets
1. Download the executable from the above link and push it to the emulator or the device using adb.
adb push tcpdump /data
2. The commands below open a shell on the emulator or the device and make the binary executable.
adb shell
cd /data
chmod 777 tcpdump
3. Listen on the port and type of packets that you want to
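A pre-flight check to run after step 2, as an added example that is not part of the original post: it reports why a pushed binary would fail to start (file missing, noexec mount, no execute bit, or directory not in PATH). The function names are hypothetical, and it assumes a POSIX shell with awk (for example busybox) on the device; it does not check whether the shell is running as root.

```shell
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.

# mount_opts FILE_PATH MOUNTS_FILE: print the mount options that apply to
# FILE_PATH, i.e. field 4 of the longest matching mount point (field 2).
mount_opts() {
    awk -v p="$1" '
        { mp = $2; sub(/\/+$/, "", mp)      # "/" becomes "" and matches any path
          if ((p == mp || index(p, mp "/") == 1) && length(mp) >= best) {
              best = length(mp); opts = $4 } }
        END { print opts }' "$2"
}

# in_path DIR: succeed if DIR is an entry of $PATH.
in_path() {
    case ":$PATH:" in *":$1:"*) return 0 ;; esac
    return 1
}

# diagnose_exec BIN [MOUNTS_FILE]: print "ok" or the first problem found.
diagnose_exec() {
    bin=$1; mounts=${2:-/proc/mounts}
    [ -f "$bin" ] || { echo missing; return 1; }
    dir=$(cd "$(dirname "$bin")" && pwd -P)  # resolve symlinks in the directory
    # A noexec mount refuses to run the file whatever chmod says.
    case ",$(mount_opts "$dir/$(basename "$bin")" "$mounts")," in
        *,noexec,*) echo noexec-mount; return 1 ;;
    esac
    # Read the mode string from ls -l: an x at position 4, 7 or 10.
    case $(ls -ld "$bin") in
        ???x*|??????x*|?????????x*) ;;
        *) echo no-exec-bit; return 1 ;;
    esac
    # A bare "tcpdump" is only found if its directory is in PATH;
    # otherwise start it as ./tcpdump or by its full path.
    in_path "$dir" || { echo not-in-path; return 1; }
    echo ok
}

# Usage in the adb shell, after sourcing this file:
#   diagnose_exec /data/tcpdump
```

A result of not-in-path is not an error by itself: it means the binary has to be started as ./tcpdump from its directory or by its full path.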
Hey,
I downloaded the tcpdump and it ran perfectly fine on the emulator, but unfortunately it did not run on the Android phone. I have an HTC Dream developer phone running Android 1.6.
- On the phone, I logged in as root using adb and created a dir in /data using mkdir
- transferred the file to the folder on the phone
- changed permission using chmod 777 tcpdump
- checked if the permissions were changed by ls -l. The permissions were correct and showed -rwxrwxrwx root root
- tried to run tcpdump -s0 -w dump and it said tcp not found.
I have double checked that I am in the correct folder.
The same command has however worked on the emulator.
Any guesses as to what I have done wrong? Also, have you tried it on the developer phone or only on the emulator?
Thanks,
Mehool
(mehool.i <> gmail <> com
I got the same result.. any workarounds yet?
I cannot do an adbd root on my HTC Magic. It gives a message "adbd cannot run as root on production builds". Any way out?
If you install recovery mode, reboot to the recovery mode, then mount /system and run "adb root", then copy tcpdump to your device, it should work fine.
@mehool maybe /data is in your path on the emulator.
Try ./tcpdump
It seems to be working for me on a rooted Nexus One with Froyo.
Interesting that the instructions assume no familiarity with tcpdump, yet fail to mention the significance of running as superuser. Even on a desktop Linux, I always run it as superuser.
Sorry for the noobness, but which emulator does this tutorial refer to? Thanks :)
Hi:
I have pushed the tcpdump as you said above, but whenever I use the command 'tcpdump port 10008' or whatever command of tcpdump, I get the error:
tcpdump:premission denied"
Please help me out
waiting for positive reply
Damn! All sources refer to /data or /data/local - that made me almost blind. After looking for an hour at "tcpdump: not found", I came across that clever idea, that I should try to execute that binary from out of a system-, rather than a data-partition, thus moved the tcpdump binary to /system/xbin. And that was it - it worked. And actually that makes just perfect sense to me. So, maybe this helps somebody in the future.
I got a good knowledge to read your article, it's having useful information. So thanks for creating this interesting blog.
Android app developer