PCAPdroid Can Sniff Packets on Android if You Have Root Access

Описание: PCAPdroid is a free and open source application that lets you log and examine the connections made on your Android smartphone or tablet.

~~~~~
Hi! Don't forget to like the video, subscribe to the channel, and hit the "Thanks" button on this video, if you can, and join our channel community here -    / @explainingandroid  


Video Description
~~~~~~~~~~~~~~~~~
Today I wanted to highlight a free and open source application called PCAPdroid that allows you to track, analyze, and block the connections made by user apps and system apps on your Android device.

#Android #AndroidApp #AndroidRoot

On the surface, this application does not require root access to perform its most basic tasks, but if you're looking to sniff packets to view what our device is transmitting then you will need root access.

This application primarily works by creating a local VPN directly on your device. It will then connect to that VPN so that it can log and display all of the connections made by the apps on your device. You can also choose to extract the SNI, DNS query, HTTP URL, and the remote IP address of those connections.

The app allows you to inspect the HTT requests and replies by using its built-in decoders, and offers a way for you to inspect the full payload of the connections as a hexdump or via text.

It has a feature to allow you to decrypt the HTTPS/TLS traffic so you can export the SSLKEYLOGFILE while also giving you the ability to dump the traffic to a PCAP file. Which you can then download it from a browser or stream it to a remote receiver for real-time analysis, similar to Wireshark.

You can create rules to filter out the good traffic from your apps and games, which can help you to easily spot the anomalies.

It also offers a way to identify the country and ASN of the remote servers that your phone is connecting to via an offline database lookup system.

And as mentioned, on rooted devices, you can capture the traffic so you can analyze what is actually being transmitted to and from your device.

All of these features are free with PCAPdroid, but there are some paid features available in the app.
Including a firewall so you can create rules to block individual apps, domains, and ip addresses
A malware detection feature to monitor the connections made to your device and compare them to 3rd-party blacklists.
You can also dump the packets in a pcapng format to allow embedding TLS drcryption secrets
You can even get access to these paid features if you download the app from GitHub or F-Droid.

If you're curious about the data coming in and going out of your device, then an application like PCAPdroid could allow you to find out what is going on.

I have read that some websites may have issues loading while running, but this won't be an issue for all of them. And you'll have better luck using this app to track, analyze, and block connections made by the 1st-party and 3rd-party apps installed on your smartphone or tablet.


Mentioned Links
~~~~~~~~~~~~~~~~~
PCAPdroid - https://play.google.com/store/apps/de...
F-Droid Links - https://f-droid.org/packages/com.eman...
GitHub Source - https://github.com/emanuele-f/PCAPdroid


As an Amazon associate, I may earn a commission on sales from the links below.

The Gear I Use
~~~~~~~~~~~~~~~~~
5W "Slow" Charger - https://amzn.to/2OaUMV8
Fast Charger - https://amzn.to/3rtBsC6
MicroUSB Cable - https://amzn.to/38dkpeM
USB-C Cable - https://amzn.to/2OqlTvi
TPU Cases - https://amzn.to/38g9b9w
USB-C to 3.5mm Dongle - https://amzn.to/3rVt7c3
USB-C to 3.5mm DAC - https://amzn.to/3CyksSJ
NVIDIA Shield TV - https://bit.ly/3KA17RV