Analyzing a Mobile App's Communication Protocol

First, install squid on the Fedora system and start the squid service. By default it listens on port 3128.

# yum install -y squid
# service squid start

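Connect the phone to the wireless network. On the phone, go to Settings -> WLAN, modify the settings of the connected network, and set a proxy under the advanced options: the proxy IP address is the Fedora machine's IP address and the port is 3128.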

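Then capture the traffic on Fedora with wireshark or tcpdump. You can filter by source IP, destination IP, protocol port, and so on. Apps generally exchange data with their backend through HTTP requests.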

# yum install -y wireshark-gnome
# tcpdump -i wlp3s0 -A 'src 10.208.9.91 or dst 10.208.9.91'
# wireshark
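
An added example (not part of the original post): a Python script that summarizes which backend endpoints the app contacts, given text saved from the tcpdump -A command above. Because the phone talks to squid as a forward proxy, plain HTTP requests carry the full URL, while HTTPS shows up only as CONNECT host:port. The sample capture, the 10.208.9.1 proxy address and the hostnames are constructed.

```python
import re
import sys
from collections import Counter
from urllib.parse import urlsplit

# Constructed sample of `tcpdump -A` text (not a real capture). 10.208.9.91 is the
# address filtered on above; 10.208.9.1 and the hostnames are made up.
SAMPLE = """\
10:01:02.000001 IP 10.208.9.91.40112 > 10.208.9.1.3128: Flags [P.], length 120
E..x..@.@...GET http://api.example.test/v1/login?user=demo HTTP/1.1
Host: api.example.test

10:01:03.000002 IP 10.208.9.91.40113 > 10.208.9.1.3128: Flags [P.], length 80
E..P..@.@...CONNECT secure.example.test:443 HTTP/1.1
Host: secure.example.test:443

10:01:04.000003 IP 10.208.9.91.40112 > 10.208.9.1.3128: Flags [P.], length 90
E..Z..@.@...POST http://api.example.test/v1/upload HTTP/1.1
Host: api.example.test
"""

# A request line can follow header bytes that tcpdump prints as dots on the same line.
REQUEST = re.compile(r"(GET|POST|PUT|DELETE|HEAD|OPTIONS|PATCH|CONNECT) (\S+) HTTP/1\.[01]")

def summarize(dump_text):
    """Count cleartext endpoints and CONNECT tunnels seen in tcpdump -A text."""
    plain, tunnels = Counter(), Counter()
    for line in dump_text.splitlines():
        match = REQUEST.search(line)
        if not match:
            continue
        method, target = match.groups()
        if method == "CONNECT":
            # HTTPS: only host:port is visible, the payload is encrypted.
            tunnels[target] += 1
        else:
            # Proxy requests carry the full URL; drop the query string, which
            # may hold credentials or tokens that should not end up in notes.
            url = urlsplit(target)
            plain[(method, url.netloc, url.path)] += 1
    return plain, tunnels

if __name__ == "__main__":
    text = open(sys.argv[1], errors="replace").read() if len(sys.argv) > 1 else SAMPLE
    plain, tunnels = summarize(text)
    for (method, host, path), n in plain.most_common():
        print(f"{n:4d}  {method} {host}{path}")
    for target, n in tunnels.most_common():
        print(f"{n:4d}  CONNECT {target} (encrypted tunnel)")
```

Run it with the path of a file holding redirected tcpdump output, or with no argument to see the result for the constructed sample.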
