TCPDUMP SCRIPT FOR ANDROID

Hello, everyone. I want to share a tcpdump script for Android and show how to use it. Before doing that, let me explain what tcpdump is. Wikipedia describes tcpdump as follows:

tcpdump is a common packet analyzer that runs under the command line. It allows the user to display TCP/IP and other packets being transmitted or received over a network to which the computer is attached. Distributed under the BSD license, tcpdump is free software.

tcpdump works on most Unix-like operating systems: Linux, Solaris, BSD, OS X, HP-UX, Android and AIX among others. In those systems, tcpdump uses the libpcap library to capture packets. The port of tcpdump for Windows is called WinDump; it uses WinPcap, the Windows port of libpcap.

tcpdump can be used to intercept (capture) the data packets sent by an Android phone, because Android runs on a Linux kernel.

DOWNLOAD :  tcpdump

STEPS:

1. First trick:

Download the tcpdump script and move it to the /system/bin folder using a file manager such as Xplore File Manager. Use Xplore or any file manager with “Superuser + Mount” mode so that you can change file permissions. Then go to the /system/bin/tcpdump file and change its permission to 777, as shown in the screenshot.

Note: Your /system folder must have read & write permission.

Another trick:

Suppose the tcpdump script I downloaded is in the /sdcard/download folder. You can then type these commands in the terminal to copy the tcpdump file to /system/bin and change its permission to 777 (see screenshot). Type them carefully, exactly as shown:

su

mount -o remount,rw  /system

cp /sdcard/download/tcpdump /system/bin

cd /system/bin

chmod 777 tcpdump

mount -o remount,ro /system

2. Now you have successfully placed tcpdump in /system/bin. To run tcpdump, simply type this in the terminal, as shown in the screenshot:

tcpdump

You can see tcpdump running and all the data packets sent printed on the terminal screen.

If you want to save this log to a file l.cap for later analysis, you can use this command in the terminal, as shown in the screenshot:

tcpdump -vv -s 0 -w /sdcard/l.cap

The options used are explained as:

-vv : puts tcpdump into verbose mode

-s 0 : sets the snapshot length so that whole packets are captured instead of being truncated

-w : writes the raw packets to a file instead of printing them

The generated output file l.cap will look as shown in the screenshot. This file can be analyzed using the Wireshark application.
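
An added example, not from the original post: a Python check to run on l.cap after copying it to a computer. It reads the classic pcap header and per-packet records that tcpdump -w writes, and reports the snapshot length set by -s and whether any packets were cut short. The function names and the sample captures are constructed for illustration.

```python
import struct

# First four bytes read little-endian -> byte order of the remaining fields
# (microsecond and nanosecond variants of the classic pcap format).
MAGICS = {0xA1B2C3D4: "<", 0xD4C3B2A1: ">", 0xA1B23C4D: "<", 0x4D3CB2A1: ">"}


def summarize_pcap(data):
    """Report snaplen, link type, packet count and truncated-packet count."""
    if len(data) < 24:
        raise ValueError("too short for a pcap global header")
    order = MAGICS.get(struct.unpack("<I", data[:4])[0])
    if order is None:
        raise ValueError("not a classic pcap file")
    # Fields: version major, version minor, thiszone, sigfigs, snaplen, link type
    _, _, _, _, snaplen, linktype = struct.unpack(order + "HHiIII", data[4:24])
    packets = truncated = 0
    complete = True
    off = 24
    while off < len(data):
        if off + 16 > len(data):                # partial record header
            complete = False
            break
        _, _, incl_len, orig_len = struct.unpack(order + "IIII", data[off:off + 16])
        if off + 16 + incl_len > len(data):     # capture stopped mid-write
            complete = False
            break
        packets += 1
        truncated += incl_len < orig_len        # bytes saved < bytes on the wire
        off += 16 + incl_len
    return {"snaplen": snaplen, "linktype": linktype, "packets": packets,
            "truncated": truncated, "complete": complete}


def build_sample(snaplen, wire_lengths):
    """Constructed little-endian capture (link type 1 = Ethernet), zero-filled packets."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, snaplen, 1)
    for n, wire in enumerate(wire_lengths):
        saved = min(wire, snaplen)              # what tcpdump would store
        out += struct.pack("<IIII", 1472080000 + n, 0, saved, wire) + bytes(saved)
    return out


if __name__ == "__main__":
    print(summarize_pcap(build_sample(262144, [60, 1514])))  # large snaplen
    print(summarize_pcap(build_sample(68, [60, 1514])))      # small snaplen
```

To check a real capture, pass the file's bytes, for example summarize_pcap(open("l.cap", "rb").read()). A non-zero "truncated" count means the snapshot length was too small for some packets.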

Now you know how to use tcpdump to intercept all data packets.

Happy phreaking, brothers.

Thanks everyone for reading this post. Thanks to my friends and the Facebook groups where I learn.

If you have any questions, please post in the comments.

Sharing is caring.

©gauravssnl

 
