As the title suggests, I would like to analyze the bluetooth traffic of my android device on wireshark, I was able to do that just a few hours ago by just connecting the Android device via usb and opening up wireshark, the android bluetooth interface would just shouw up and worked perfectly, after some time (I rebooted the phone and did a couple other things), the bluetooth interface was gone. I'm now able to only access the phone Logcat.
I think I disabled something, or have to do some steps in order to activate this feature, that I had activated before without knowing, but I can't seem to replicate that, and the only things I find online are about saving HCI log in a file and then analyzing them on wireshark, which is not ehat I'm looking for right now
I too was looking for a way to do this and I think the best way I've found so far is to use wireshark's androiddump tool: https://www.wireshark.org/docs/man-pages/androiddump.html
It's built in with wireshark and if your phone is plugged in with adb installed and configured correctly so that you can do an adb shell from your computer, then when you open wireshark your android's bluetooth interface should show up as possible source of capture as soon as you open wireshark.
You were probably using Wireshark extcap androiddump option which has three requirements:
rooted device
developer option Bluetooth HCI snoop enabled
adb server running
From your description, you simply opened wireshark and did not start Android server
Please do the following:
enable developer option Bluetooth HCI snoop - you can do so by
tapping your device serial number in your settings menu
From your terminal execute the following command: $adb start-server when you are finished you can use $adb kill-server
My goal is to send HDMI CEC commands from a standard (i.e non-system) app running on an Android box equipped with Pulse-Eight's USB dongle.
Following these instructions I successfully managed to compile libcec for Android and execute it as root on the box, with this command:
echo <my-cec-command> | cec-client -s /dev/ttyACM0
where /dev/ttyACM0 is the device file created by the system when plugging the dongle.
However the permissions of this file prevent the command to be executed by a non-root user (therefore it cannot be executed from my Android app).
On the other hand the app can actually access the USB dongle via the USB Host API of the Android SDK (provided the user grants the permission) and can even be wrapped into a USB serial controller with UsbSerial library.
But I don't see any way to make the bridge between the connection provided by Android's USB Host API and libcec/cec-client. Do you have any idea or suggestion?
The best solution that I have found so far is to use USB Host API + UsbSerial library to read/write CEC packets on the adapter's serial port with pure Java code (no embedded libCEC).
I did some retro-engineering on libCEC to find out the appropriate commands for basic operations like switching TV on & off and setting active source.
And I finally came up with the following UsbCecConnection java class: https://gist.github.com/sdabet/ac4d7711d1a529806cb7b695530b1fac
How do I use UART peripherals on Android Things for Raspberry Pi 3?
It seems that by default it is assigned the linux console.
By default the UART port is mapped to the linux console, in order to prevent the kernel message from messing around with your peripheral.
You can disable the console by mounting the boot partition from the sdcard on your host computer using:
mount /dev/sdX1 /mnt/disk
where sdX is replaced with your sdcard reader device name (running dmesg after inserting your sdcard into your reader should help you figure out the device name).
Then edit /mnt/disk/cmdline.txt to replace the following kernel boot argument:
console=serial0,115200
with:
console=tty0
If you need to re-enable the console later for debugging purpose, just add the same argument back.
See the developer docs for more info on disabling the console.
Beginning with Developer Preview 3, in which USB-Serial devices support added, external USB-UART dongles like this can be used instead of built-in UART of Raspberry Pi 3.
I have such requirement in which i have to transfer file on computer system, lets consider windows PC.
What i want to do is i have one screen with specific details,i am writing that values in one text file, now if user clicks on button then that file must be copied to computer at specific location using USB.
I have tried to search about this but didn't get anything useful.I've also refer below link
http://developer.android.com/guide/topics/connectivity/usb/host.html
Is it possible in Android, how do i communicate with windows system ?
Regards
UPDATE :
I am able sopy files to Computer using adb
./adb -s emulator-5554 pull /sdcard/juned.jpg /root/juned/android_usb/
but can i do same thing from android application ?
I think your question is not very specific to be answered. But to explain a bit consider the following:
you have to turn your android device in USB host mode so that it enumerates connected USB devices
establish a connection to your receiving device. Probably this is going to be a storage or drive with a known configuration of endpoints
when established, use a function like bulkTransfer(UsbEndpoint endpoint, byte[] buffer, int offset, int length, int timeout), which is documented as well in the link you provided. Keep in mind to choose the correct endpoint (direction TO your storage / drive)
This is just a sketch to get you started. It's clear that there is a lot more to do..
USB is probably not very suitable for what you want to do.
USB is asymmetrical, that is, a USB connection has a host at one end and a peripheral device at the other end. (For example, when you plug a USB stick into a PC, the PC is the host and the stick is the peripheral.) The host initiates and controls data transfers.
An Android phone generally acts as a peripheral device. As of Android 3.1, the phone can also act as a USB host, though not all phones support this.
In order to accomplish what you have in mind, the PC would need to run a piece of software that changes it from host mode to peripheral mode, and exposes some kind of storage that the Android device could then write to.
Maybe Bluetooth is a better option for you. You could just initiate a file transfer over Bluetooth as soon as the file changes. Inexpensive USB Bluetooth dongles are available for PCs without Bluetooth support. You might still need some software on your PC if you want to automatically accept the file transfer request on the PC.
How can I capture mobile phone traffic on Wireshark?
Here are some suggestions:
For Android phones, any network: Root your phone, then install tcpdump on it. This app is a tcpdump wrapper that will install tcpdump and enable you to start captures using a GUI. Tip: You will need to make sure you supply the right interface name for the capture and this varies from one device to another, eg -i eth0 or -i tiwlan0 - or use -i any to log all interfaces
For Android 4.0+ phones: Android PCAP from Kismet uses the USB OTG interface to support packet capture without requiring root. I haven't tried this app, and there are some restrictions on the type of devices supported (see their page)
For Android phones: tPacketCapture uses the Android VPN service to intercept packets and capture them. I have used this app successfully, but it also seems to affect the performance with large traffic volumes (eg video streaming)
For IOS 5+ devices, any network: iOS 5 added a remote virtual interface (RVI) facility that lets you use Mac OS X packet trace programs to capture traces from an iOS device. See here for more details
For all phones, wi-fi only: Set up your Mac or PC as a wireless access point, then run wireshark on the computer.
For all phones, wi-fi only: Get a capture device that can sniff wi-fi. This has the advantage of giving you 802.11x headers as well, but you may miss some of the packets
Capture using a VPN server: Its fairly easy to set-up your own VPN server using OpenVPN. You can then route your traffic through your server by setting up the mobile device as a VPN client and capture the traffic on the server end.
In addition to rupello's excellent answer, a "dirty" but very effective trick:
For all phones, any (local) network: Set up your PC to Man-In-The-Middle your mobile device.
Use Ettercap to do ARP spoofing between your mobile device and your router, and all your mobile's traffic will appear in Wireshark. See this tutorial for set-up details
Another option which has not been suggested here is to run the app you want to monitor in the Android emulator from the Android SDK. You can then easily capture the traffic with wireshark on the same machine.
This was the easiest option for me.
Wireshark + OSX + iOS:
Great overview so far, but if you want specifics for Wireshark + OSX + iOS:
install Wireshark on your computer
connect iOS device to computer via USB cable
connect iOS device and computer to the same WiFi network
run this command in a OSX terminal window: rvictl -s x where x is the UDID of your iOS device. You can find the UDID of your iOS device via iTunes (make sure you are using the UDID and not the serial number).
goto Wireshark Capture->Options, a dialog box appears, click on the line rvi0 then press the Start button.
Now you will see all network traffic on the iOS device. It can be pretty overwhelming. A couple of pointers:
don't use iOS with a VPN, you don't be able to make sense of the encrypted traffic
use simple filters to focus on interesting traffic
ip.addr==204.144.14.134 views traffic with a source or destination address of 204.144.14.134
http views only http traffic
Here's a sample window depicting TCP traffic for for pdf download from 204.144.14.134:
For Android phone I used tPacketCapture:
https://play.google.com/store/apps/details?id=jp.co.taosoftware.android.packetcapture&hl=en
This app was a lifesaver I was debugging a problem with failure of SSL/TLS handshake on my Android app. Tried to setup ad hoc networking so I could use wireshark on my laptop. It did not work for me. This app quickly allowed me to capture network traffic, share it on my Google Drive so I could download on my laptop where I could examine it with Wireshark! Awesome and no root required!
Packet Capture Android app implements a VPN that logs all network traffic on the Android device. You don't need to setup any VPN/proxy server on your PC. Does not needs root. Supports SSL decryption which tPacketCapture does not. It also includes a good log viewer.
Preconditions: adb and wireshark is installed on your computer and you have a rooted android device.
Download tcpdump to ~/Downloads
adb push ~/Downloads/tcpdump /sdcard/
adb shell
su root
mv /sdcard/tcpdump /data/local/
cd /data/local/
chmod +x tcpdump
./tcpdump -vv -i any -s 0 -w /sdcard/dump.pcap
CTRL+C after you've captured enough packets.
exit
exit
adb pull /sdcard/dump.pcap ~/Downloads/
Now you can open the pcap file using Wireshark.
Install Fiddler on your PC and use it as a proxy on your Android device.
Source: http://www.cantoni.org/2013/11/06/capture-android-web-traffic-fiddler
Similarly to making your PC a wireless access point, but can be much easier, is using reverse tethering. If you happen to have an HTC phone they have a nice reverse-tethering option called "Internet pass-through", under the network/mobile network sharing settings. It routes all your traffic through your PC and you can just run Wireshark there.
Make your laptop a wifi hotspot for your phone (any) and connect it to internet. Sniff Traffic on your wifi interface using wireshark.
you will get to know a lot of anti privacy stuff!
As a Wireshark alternative/companion for Android, you can try my open source app PCAPdroid. On non-rooted devices, it uses the VPNService to capture the traffic with some limitations. On rooted devices, it works like a user-friendly tcpdump.
You can analyze connections and packets payload directly into the app, or export the traffic in PCAP format to analyze it on a PC with Wireshark. It has many other cool features, give it a try!
For Android, I previously used tPacketCapture but it didn't work well for an app streaming some video. I'm now using Shark. You need to be root to use it though.
It uses TCPDump (check the arguments you can pass) and creates a pcap file that can be read by Wireshark. The default arguments are usually good enough for me.
I had a similar problem that inspired me to develop an app that could help to capture traffic from an Android device. The app features SSH server that allows you to have traffic in Wireshark on the fly (sshdump wireshark component). As the app uses an OS feature called VPNService to capture traffic, it does not require the root access.
The app is in early Beta. If you have any issues/suggestions, do not hesitate to let me know.
Download From Play
Tutorial in which you could read additional details
For iOS Devices:
⦿ Open Terminal and simply write:
rvictl -s udid
it'll open an interface on Wireshark with a name, In my case its rvi0.
udid is iPhone's unique device id.
(How to find my iOS Device UDID)