Android运行cmd抓取tcpdump包并保存本地

  1 package com.alipay.net;
  2
  3 /**
  4  * Created by xianyu.hxy on 2015/6/9.
  5  */
  6
  7 import android.content.Context;
  8 import android.content.res.AssetManager;
  9 import android.os.Environment;
 10 import android.text.TextUtils;
 11
 12 import java.io.*;
 13
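 /**
  * Runs the {@code tcpdump} binary bundled in the APK assets through a root ({@code su}) shell
  * and saves the capture as a pcap file.
  *
  * <p>Security notes for anyone reusing this helper:
  * <ul>
  *   <li>Every string handed to {@link #execCmd(String[], boolean)} is executed by a root shell.
  *       Never pass text derived from untrusted input.</li>
  *   <li>The capture uses {@code -s 0} (whole packets) and is written to {@link #DEST_FILE1} on
  *       shared external storage, where other apps holding the storage permission can read it.
  *       Treat the pcap as sensitive and delete it after analysis.</li>
  *   <li>The asset named {@code tcpdump} is executed as root; its provenance and integrity are
  *       the packager's responsibility.</li>
  * </ul>
  */
 public class CommandsHelper {
     private static final String NAME = "tcpdump";
     private static final String TAG = "CommandsHelper";
     /** Capture path derived from the platform's external-storage root. */
     public static final String DEST_FILE = Environment.getExternalStorageDirectory() + File.separator + "Alipay" + File.separator + "capture.pcap";
     /** Capture path actually passed to tcpdump. NOTE(review): assumes /sdcard is the external storage root. */
     public static final String DEST_FILE1 = "/sdcard/Alipay/capture.pcap";

     /**
      * Installs the bundled tcpdump binary to {@code /data/local/tcpdump} and starts a capture
      * that writes to {@link #DEST_FILE1}.
      *
      * <p>The root shell is waited on, and tcpdump runs in the foreground of that shell, so this
      * call is expected to block until the capture process ends (for example after
      * {@link #stopCapture(Context)}). Call it from a worker thread.
      *
      * @param context used to read the asset and to locate the app-private files directory
      * @return {@code true} if the asset was staged and the root shell could be started,
      *         {@code false} otherwise; it does not prove that tcpdump itself ran successfully
      */
     public static boolean startCapture(Context context) {
         InputStream is = null;
         OutputStream os = null;
         boolean retVal = false;
         try {
             // Stage the binary in app-private storage rather than on shared external storage:
             // a file on external storage can be replaced by another app between the copy and
             // the root-level "cp", which would let that app choose what runs as root.
             File dstFile = new File(context.getFilesDir(), NAME);
             AssetManager am = context.getAssets();
             is = am.open(NAME);
             os = new FileOutputStream(dstFile);
             copyStream(is, os);
             // Close before the root shell reads the file so the copy is complete on disk.
             os.close();
             os = null;

             String staged = shellQuote(dstFile.getAbsolutePath());
             // "adb shell" from the original listing is a host-side command and is not sent;
             // "su" is already the process execCmd starts, so it is not repeated either.
             String[] commands = new String[] {
                 "cp -f " + staged + " /data/local/tcpdump",
                 "rm -f " + staged,
                 // 755, not 777: a world-writable file that is later executed as root can be
                 // overwritten by any local process.
                 "chmod 755 /data/local/tcpdump",
                 // tcpdump -w does not create missing parent directories.
                 "mkdir -p /sdcard/Alipay",
                 "cd /data/local",
                 "./tcpdump -p -vv -s 0 -w " + DEST_FILE1,
             };

             retVal = execCmd(commands) != null;
         } catch (IOException e) {
             e.printStackTrace();
         } finally {
             closeSafely(is);
             closeSafely(os);
         }

         return retVal;
     }

     /**
      * Kills every root-owned process whose {@code ps} line mentions tcpdump.
      *
      * @param context unused; kept for interface compatibility
      */
     public static void stopCapture(Context context) {
         // Find the PIDs of all root-owned processes whose ps line contains "tcpdump".
         // The awk program must be wrapped in plain ASCII single quotes for the shell.
         String[] commands = new String[] {
             "ps|grep tcpdump|grep root|awk '{print $2}'"
         };
         // Do not wait before reading: draining stdout to EOF cannot stall on a full pipe.
         Process process = execCmd(commands, false);
         if (process == null) {
             return;
         }
         String result = parseInputStream(process.getInputStream());
         if (TextUtils.isEmpty(result)) {
             return;
         }

         String[] pids = result.split("\n");
         String[] killCmds = new String[pids.length];
         boolean anyPid = false;
         for (int i = 0; i < pids.length; ++i) {
             String pid = pids[i].trim();
             // Only pure decimal PIDs are forwarded: this text ends up in a root shell.
             if (pid.matches("[0-9]+")) {
                 killCmds[i] = "kill -9 " + pid;
                 anyPid = true;
             }
         }
         // Slots left null are skipped by execCmd.
         if (anyPid) {
             execCmd(killCmds);
         }
     }

     /**
      * Runs a single command line in a root shell and waits for the shell to exit.
      *
      * @param command shell command line; executed as root
      * @return the {@code su} process, or {@code null} if it could not be started
      */
     public static Process execCmd(String command) {
         return execCmd(new String[] { command }, true);
     }

     /**
      * Runs the given command lines in one root shell and waits for the shell to exit.
      *
      * @param commands shell command lines; executed as root
      * @return the {@code su} process, or {@code null} if it could not be started
      */
     public static Process execCmd(String[] commands) {
         return execCmd(commands, true);
     }

     /**
      * Starts {@code su} and feeds it the given command lines followed by {@code exit}.
      *
      * <p>Commands are written with {@link DataOutputStream#writeBytes(String)}, which keeps only
      * the low byte of each character, so command text should be ASCII. Null or empty entries
      * are skipped. When {@code waitFor} is true the process output is not drained here, so use
      * {@code false} and read the streams yourself for commands that print a lot.
      *
      * @param commands shell command lines; executed as root, never build them from untrusted text
      * @param waitFor  whether to block until the {@code su} process exits
      * @return the {@code su} process, or {@code null} if it could not be started
      */
     public static Process execCmd(String[] commands, boolean waitFor) {
         Process suProcess = null;
         DataOutputStream os = null;
         try {
             suProcess = Runtime.getRuntime().exec("su");

             os = new DataOutputStream(suProcess.getOutputStream());
             if (commands != null) {
                 for (String cmd : commands) {
                     if (!TextUtils.isEmpty(cmd)) {
                         os.writeBytes(cmd + "\n");
                     }
                 }
             }
             os.writeBytes("exit\n");
             os.flush();
         } catch (IOException e) {
             e.printStackTrace();
         } finally {
             // Everything has been written; closing stdin releases the pipe descriptor.
             closeSafely(os);
         }

         // suProcess stays null when su is missing or the launch failed.
         if (waitFor && suProcess != null) {
             try {
                 suProcess.waitFor();
             } catch (InterruptedException e) {
                 // Preserve the interrupt for the caller instead of swallowing it.
                 Thread.currentThread().interrupt();
             }
         }

         return suProcess;
     }

     /**
      * Copies {@code is} to {@code os} until end of stream.
      *
      * @throws IOException if reading or writing fails, so that a truncated binary is never
      *                     installed and executed
      */
     private static void copyStream(InputStream is, OutputStream os) throws IOException {
         final int BUFFER_SIZE = 1024;
         byte[] bytes = new byte[BUFFER_SIZE];
         int count;
         while ((count = is.read(bytes, 0, BUFFER_SIZE)) != -1) {
             os.write(bytes, 0, count);
         }
     }

     /** Closes {@code is} if it is non-null, printing (not propagating) any failure. */
     private static void closeSafely(Closeable is) {
         try {
             if (null != is) {
                 is.close();
             }
         } catch (IOException e) {
             e.printStackTrace();
         }
     }

     /** Reads {@code is} to end of stream and returns its lines, each terminated by a newline. */
     private static String parseInputStream(InputStream is) {
         BufferedReader br = new BufferedReader(new InputStreamReader(is));
         StringBuilder sb = new StringBuilder();
         try {
             String line;
             while ((line = br.readLine()) != null) {
                 sb.append(line).append("\n");
             }
         } catch (IOException e) {
             e.printStackTrace();
         } finally {
             closeSafely(br);
         }

         return sb.toString();
     }

     /** Wraps {@code s} in single quotes so the shell treats it as one literal word. */
     private static String shellQuote(String s) {
         return "'" + s.replace("'", "'\\''") + "'";
     }
 }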
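说明:执行 Runtime.getRuntime().exec("su\n") 时会弹出提示框,因此手机必须已 root。所执行的 tcpdump 文件可从 http://i.cnblogs.com/Files.aspx 下载;该文件会以 root 权限运行,使用前应确认其来源可信并核对校验值。保存的 .pcap 文件可用 Wireshark 分析;它包含完整的报文内容,且保存在外部存储上,其他拥有存储权限的应用也能读取,分析完成后应及时删除。非 root 情况下用 Fiddler 只能获取 HTTP 请求。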