This article explores Android packet capture methods, including disabling SSL pinning and utilizing tools like Frida scripts, JustTrustMe Xposed, SSLUnpinning Xposed, apk-mitm, or PCAPdroid-API. Additionally, it provides step-by-step instructions for setting up an HTTP proxy via ADB.

disable ssl pinning

use frida scripts specific to applications

justtrustme xposed

sslunpinning xposed

apk-mitm by repacking apk and resigning

capture, packet routing

recommend to use: PCAPdroid-API

PCAPdroid API reference

1
2
adb shell am start -e action start -e pcap_dump_mode udp_exporter -e collector_ip_address 127.0.0.1 -e collector_port 5123 -e app_filter com.tencent.mobileqq -n com.emanuelef.remote_capture.debug/com.emanuelef.remote_capture.activities.CaptureCtrl

setting up http proxy via adb:

1
2
3
# this does not ensure that the target app is captured.
adb shell settings put global http_proxy <address>:<port>

Comments