I got this crazy idea that I don't know is possible or not... what I want to do is set up my phone as wifi access point, then allow people to connect to it, but handle all incoming http traffic myself.
So:
phone wifi in access point mode; open wifi network (this tidbit works - yes I know it's not officially supported but then I have no intention to distribute put this app on the open market or so, it works on my phone and that's good enough for me).
client can connect to the phone (e.g. my laptop: this also works).
when client tries to open an http connection to any random server, this has to be intercepted by my app and handled by a local web server. This is the point that I'm stuck on.
The web server part shouldn't be too hard; there are (open-source) web servers available. But getting the traffic to that web server, there is the problem.
The behaviour I'm after is a bit similar to what you get when connecting to some open hotspot, like hotel hotspots, that then redirect you to a login page. This intercepting of the connection request (I suspect I have to look at DNS requests?) is what I'm after.
I have seen an app that is doing this but they require the phone to be rooted. I'm hoping to find a way to do it without rooting the phone.
Wifi hotspots would usually use IPTables to redirect port 80/443 traffic to a local web server.
I have run squid on linux machines in the past on port 3128, then sent all port 80/443 traffic to squid. Then I used squid redirect any url that I didnt explicitly allow to a local web server.
IPTables is accessible on rooted android devices only though.
And I doubt there are many proxy servers available on android, so you would have to send HTTP traffic to a proxy server over the network connection.
Like has been said, you'll need IPTables, but you'll also need a proxy server, like Squid.
Google "transparent proxy with squid", or check here:
Linux: Setup a transparent proxy with Squid in three easy steps
you do not need to have a proxy, you just need a full LAMP stack on your device and IPtables, you can mark all packets that have not been authenticated to forward through to your local page, then using php change the rule for that IP address once the address has authenticated, you could do the same for mac addresses if you wish, you would then also need a daemon that periodically reset each exception
Related
I have a use-case for Android devices that I can't seem to wrap my head around. The gist of it is I want to be able to send an API command from my server to my Android app over the Internet. The solution already works if my server application is hosted on the LAN: each Android device has an IP, and I send the command to each device's IP. What if my server is on the cloud? Is there a way for my server application to connect to my Android device directly without the need for a local server?
In this use-case, the Android devices are connected to network through either WiFi or ethernet, and the network has internet access.
Any suggestion would be wonderful, thank you!
When you are in local area network, both your server and client (Android device) are assigned with virtual IPs so there is no problem with see each other.
But when your move your server application to cloud, it cannot see your Android device anymore since your device is hidden by NAT. Only the gateway(your wifi router) IP can be seen by the server.
Some ways you can try:
Assign a static IP for your Android device, and configure your gateway to make a port forwarding to redirect the network traffic to your device. Then your server can see your device by sending to your-gateway-ip:port. But this is usually not a preferred way, unless you can always have full control of the client side network environment.
Change the application protocol to something like MQTT. In such case both your server and client can connect to this "broker" server so exchanging data is possible regardless of your client is under NAT or not. However, you may need to setup this extra broker server.
Find other third party notification services to do this server to client communication, such as Google Firebase.
I'm trying to reverse engineer one Android app's traffic and it's using sockets, xmpp or something else, but not http(s) on some features. I know this because Charles does not see some requests, but data is definitely coming from the server for sure (e.g. chat messages).
Android allows to set http(s) proxy, not socks. ProxyDroid doesn't work on genymotion, because it's x86 and ProxyDroid doesn't support that. Tried Drony app on genymotion, which supposedly should allow socks proxy, but once I try turning it on, the whole emulator restarts (probably crashes).
So how do I sniff/trace/inspect sockets traffic on Genymotion/Android emulator?
You might have better luck by doing it on the host side, ie from the Windows/Mac/Linux machine running Genymotion.
The basics
Install Wireshark
Start Wireshark and select the network interface which connects you to the Internet (or to the server you are interested in). For me it is wlp1s0.
Tell Wireshark you only want traffic going from your device to the server you are interested by entering ip.dst == <server-ip> in the filter line. Now go back to your device and use the application which communicates with the server. Traffic should appear in Wireshark. Here I am browsing my web site, whose IP address is 5.135.144.176:
Note that if Wireshark knows about the protocol used by the server, you can filter it. Here is the same output with the http filter:
Watching only traffic from the device
With the current setup, if you access the server from your host, this traffic will be logged by Wireshark as well. To avoid that you need to do the following:
Configure your device in Bridge mode: stop the device, open its settings dialog and select Bridge:
Get the device IP address: restart the device, open the "Settings" application and go to "About phone > Status", note the IP address:
Add this IP address to the filter line in wireshark, like so: ip.src == <the-device-ip> and ip.dst == <the-server-ip>.
I have an app that runs in an emulator. The app sends multiple messages to my local server, for manipulating data. While i was using the app in my emulator i was using:
http://10.0.2.2/path
to reach the server. I would like to use a physical device to connect to the server. Does somebody know how to do this. What adress i should use?
Assuming that your devices are on the same Network (connected to the same router) as your computer, you can expose your computer's web server (Apache, presumably?) and then point your app directly at the local network IP address that your computer has (usually something like 192.168.1.x). I have found that the least painless way to do this is to use MAMP or WAMP or LAMP depending on your OS, but of course I have no idea what your specific situation is, so that solution may in fact make things a lot more complicated rather than less.
In any event... your computer is on the network at a specific IP address, so it's just a matter of making sure that it's willing to serve this data on whatever port you are looking for it on. If you provide more specification as to your circumstances, we can give a more detailed answer.
I want to let the users browse and download their content on an android device through an internet connection.
I have successfully made a tiny HTTP server that works fine when you are on the local WIFI.
But the server cannot be reached from an outside network or when the phone is on 3G since the operator does not allow incoming connections.
The solution as I see is to let the phone make a outgoing connection to a proxy server and let the users connect to their phone through this proxy connection.
Is there an easy way to make this setup? Like a configuration in apache? I think I am looking for a reverse proxy where the server makes the initial connection to the proxy but I am not sure what the correct term is. Any hints or links to some documentation would be appreciated.
I have an android application that talks to a server app running on grails (Groovy on Grails).
Android app basically establishes a connection with this address:
url="http://192.168.2.53:8080/tma/majBtm/androidToDesktop";
It all works fine when both the server and the android phone are connected in the same lan network.
Now the problem arises when I want the phone to talk to the server while the phone is outside the local network (I need it to use edge).
I came across VPN networks which I think might help me out. (the server has dynamic IP)
So what i did was go to dyndns.com and created a new hostname and have the app successfully run on the server. The host I created was - tmagrails.dyndns.com
How do I make my phone connect to this network? What changes am I supposed to make in order to get things working?
Also, I really want to know if this is the right approach. If not, is there any way to get things going for me?
Please advice.
First you need to set up port forwarding so that port 8080 is forwarded to your 192.168.2.53 ip address. A google search on your router model should tell you how to do this. If you want to make your app more secure you will also need to look at SSL and TLS While this won't garantee your app is secure it will stop the network traffic to your app being easily read if you were to access it from an open wifi hotspot.