Hello,everyone.Now,I want to share tcpdump script for Andriod and how to use it.Before doing that,let me tell what tcpdump is.On Wikipedia,tcpdump is described as:
tcpdump is a common packet analyzer that runs under the command line. It allows the user to display TCP/IP and other packets being transmitted or received over a network to which the computer is attached. Distributed under the BSD license,tcpdump is free software.
tcpdump works on most Unix-like operating systems: Linux, Solaris, BSD, OS X, HP-UX, Android and AIX among others. In those systems, tcpdump uses the libpcap library to capture packets. The port of tcpdump for Windows is called WinDump; it usesWinPcap, the Windows port of libpcap.
tcpdump can be used for intercepting(capturing) the data packets sent by Android phone as it has Linux kernel.
DOWNLOAD : tcpdump
Download and move tcpdump script to /system/bin folder using file manager like Xplore File manager.Use Xplore or any Filemanager with “Superuser + Mount” mode for changing file permissions.Now,go to /system/bin/tcpdump file and change its permission to 777 as shown in screenshot.
Note: Your /system folder must have read & write permission.
Consider that tcpdump script which i downloaded is in /sdcard/download folder.Then you can type these commands in terminal to copy file tcpdump to /system/bin and for changing file permission of tcpdump to 777 (see screnshot).Type these in terminal carefully as shown in screenshot:
mount -o remount,rw /system
cp /sdcard/download/tcpdump /system/bin
chmod 777 tcpdump
mount -o remount,ro /system
2.Now,you have succesfully placed tcpdump in /system/bin .To run tcpdump ,simply type this on Terminal as shown in screenshot:
You can clearly see tcpdump running and all data packets sent on Terminal screen.
If you want to save this log to a file l.cap for later analysis ,you can use this command in Terminal as shown in screenshot :
tcpdump -vv -s 0 -w /sdcard/l.cap
The options used are explained as:
-vv : puts tcpdump into verbose mode
-s 0 : sets the program to grab all packets
-w : writes the output to a file
The output file l.cap generated will be as shown in screenshot.This file can be analyzed application using Wireshark.
Now,you successfully know how to use tcmpdump to intercept all data packets.
Happy phreaking brothers.
Thanks everyone for reading this post.Thanks to my friends and facebook groups where i learn.
If you have any questions,please post in comments.
Sharing is caring.