I am trying to write a http proxy server that would run on the device itself. In fact, need to find a way to capture the outbound http traffic generated by the device.
The code I have so far is compiling OK, it is based on the code found here: http://www.jtmelton.com/2007/11/27/a-simple-multi-threaded-java-http-proxy-server/
The problem is that the http request to the actual server would block and never return .
Is there a better way to write such a service without rooting the device?
You should check SandroProxy.
Can caputre traffic on non rooted device if os proxy settings are used, or with iptables rules on rooted one.
Traffic is stored it in local sqlite database. Captured data can be also examined by chrome devtools. To capture traffic in your app you should check source code for plugins. It has all the code for iptables redirections and proper settings.
Check out the wiki link on google source code HowToInterceptTrafficOnMyOwn
http://code.google.com/p/sandrop/wiki/HowToInterceptTrafficOnMyOwn
btw: send by sandroproxy support :)
I've been using a piece of software called proxydroid to use my device as a proxy server, and its the only one I've found which doesn't require root. I'm not sure if it will be any help to you, but its an open source project and the code can be found here:
https://github.com/madeye/proxydroid
I have noticed that the application will freeze after a while, or if a large number of request are sent at once, but I've not had chance to find out why this is happening.
Forget about setting proxy, use Facebook Stetho library (http://facebook.github.io/stetho/) to review all http requests and responses from emulator/device
Related
every time i try to print json file from my wamp server it doesn't work
i use this URL "http://127.0.0.1/webapp/users.php" to acsess the json data
but when i put another link like "http://api.androidhive.info/contacts/"
it works perfectly , so i don't know what is the problem exactly
i'm just starting to learn about json parsing in android .
any help?
my php code is
$row['id'],
'username'=>$row['username'],
'password'=>$row['password'],
));
}
print json_encode(array('result'=>$result));
mysqli_close($conn);
?>
Of course i wont work, this address is local address for your own work station(computer or any device with a ip address eg, your own phone as that address) that is why it is local ip address. Only your system can read and write to it. To over come this dilemma , either one host your on a server, or go the cheap way and broadcast your ip address to the internet using a tunneling software such as ngrok.
Here are some advantages:
Don’t constantly redeploy your in-progress work to get feedback from clients. ngrok creates a secure public URL (https://yourapp.ngrok.io) to a local webserver on your machine. Iterate quickly with immediate feedback without interrupting flow.
Test mobile apps against a development backend running on your machine. Point ngrok at your local dev server and then configure your app to use the ngrok URL. It won't change, even when you change networks.
Building webhook integrations can be a pain: it requires a public address and a lot of set up to trigger hooks. Save yourself time and frustration with ngrok. Inspect the HTTP traffic flowing over your tunnel. Then, replay webhook requests with one click to iterate quickly while staying in context.
Host personal cloud services on your own private network. Run webmail, file syncing, and more securely on your hardware with full end-to-end encryption.
ngrok is easy to install. Download a single binary with zero run-time dependencies for any major platform. Unzip it and then run it from the command line.
After reading and deliberation on some links i received at the courtesy # cricket_007, there is another way to access your local ip address across the network from wamp server.
try this, it works its just a bit longer to setup vs ngrok thats very easy, try the option thats work for you.
Happy Coding :)
I have an app, and I would like to know the webservice URL that it calls. Is there anyway to find this out?
You should check your android logs first. If the app exposes no info about requests through this, the next best thing would be to decompile the app. If the URL is static, just looking through the data files will get you the address. If it is dynamic, you can modify the dalvik bytecode to have it log to logcat and recompile the apk. If all else fails, you can use tcpdump. You'll need root, and can follow this tutorial to utilize wireshark to visualize it easily.
You can do this using app tPacketCapture. It can store network dumps in a format that can be read by WireShark or other programs on your pc.
or you could set up a proxy for the phone, using fiddler and a PC, like this:
http://www.cantoni.org/2013/11/06/capture-android-web-traffic-fiddler
you'd get all the API requests quite easily then...
I am creating an application which has to track http requests made by a given application. Android has many widgets like weather report widget, stock market report etc, which often makes request to server to get the data. I want all the request url made by an appklication to the server.
Can we log the url when an application accesses network/wifi or any other data service provider ?
Any help would be appreciated.
Can we log the url when an application accesses network/wifi or any other data service provider ?
Fortunately, no, for obvious privacy and security reasons. Malware authors would be very interested in this capability.
You can use open source proxy servers made in java for example jHTTPp2.It is having good implementation of proxy server logic.
All you need to do is just start the server from any android application and set proxy in your emulator or device to 127.0.0.1 and port as 8088(as by default the jHTTPp2 runs on that port).
You need to make some modifications to the proxy code as per Android requirements.
I hope this might be of some help to you.
I want to block given URLs of an Android device using JAVA code. When user try to connect that URLs, it should be restrict. Is this possible to do?
Not really. You could write a proxy server, ask people to use the proxy server, and do your blocking in there. But the user would have to opt into this, and removing your block would be a simple matter of removing the proxy server.
I have an Android App which uses http communication for nearly every operation. I want to be able to demo without connection to the internet by somehow replaying the http exchange. How can this be done? So I want to somehow almost like mock objects but really mock http session so I can always demo the app on or offline. This is really a very cool thing to be able to do. Since you can demo the app easily and reliably. Does anyone know how I could do this. Replicating the whole server side is just not an options its got too much stuff. Its important not to just show screencast but the real data exchange. I just want to be able to run thru the app and replay. Maybe debug as well. Thanks
Here's a hybrid solution using similar ideas from other answers:
You could write a dead simple HTTP server that listens on "localhost:80" (or whatever the port is on the server you're targeting) and point your application to this host instead by factoring out the host name from requests. Your local server has a reference to the actual remote server and does the following:
If ONLINE, forwards the request as-is to the real server, gets the response, saves it locally either in an in-memory cache keyed by the request URL or a file named with the URL as its identifier (munged appropriately)
If OFFLINE, looks up a request in its (in-memory or file system) cache and returns the contents from the cache instead
This is kind of like the record/playback mode that #nicholas.hauschild says.
Now you can just run your app once when ONLINE, causing your localhost server to save away requests that it issues against the real server. Then when you run your app OFFLINE, it just returns these cached contents instead whenever the same URLs are issued.
Hope this helps.
If you're device is rooted, you can use tcpdump as explained in this post: http://www.vbsteven.be/blog/android-debugging-inspectin-network-traffic-with-tcpdump/
or use AndroShark (get if from xda-developers here: http://forum.xda-developers.com/showthread.php?t=725692)
or this one (wifi only): http://www.9bitlabs.com/default.aspx
I would create a "Record Mode", and a "Playback Mode" for my app.
While in Record Mode, I would write out a file each time an http request was made. The file would be named by the endpoint the request is made. The contents of the file would a collection of serialized http requests/responses broken up by line. You could then deserialize lines from this file until you find the proper request, and play back the deserialized response.
This approach would also allow you to create Record/Playback profiles, where you could record multiple different sessions (by placing the files into a different directory) and then playback from whichever profile you choose.
This whole approach could be done with a small wrapper class around the HttpClient object you are using.
One way would be to use an HTTP proxy. Redirect all web traffic to the proxy, which can be running locally on the phone. This could be done with little or no source code change.
find a way using fiddler on pc,and android app take fiddler as proxy.So the http traffic is record.
http://blog.csdn.net/grhunter/article/details/5830199
Simples solution lies in faking it when there is no connection. If there is a error in connection, make sure ur app throws some preset data rather than an error in connection thing.