Android Packet Capture
This article explores Android packet capture methods, including disabling SSL pinning and utilizing tools like Frida scripts, JustTrustMe Xposed, SSLUnpinning Xposed, apk-mitm, or PCAPdroid-API. Additionally, it provides step-by-step instructions for setting up an HTTP proxy via ADB.
disable ssl pinning
use frida scripts specific to applications
justtrustme xposed
sslunpinning xposed
apk-mitm by repacking apk and resigning
capture, packet routing
recommend to use: PCAPdroid-API
1 | adb shell am start -e action start -e pcap_dump_mode udp_exporter -e collector_ip_address 127.0.0.1 -e collector_port 5123 -e app_filter com.tencent.mobileqq -n com.emanuelef.remote_capture.debug/com.emanuelef.remote_capture.activities.CaptureCtrl |
setting up http proxy via adb:
1 | # this does not ensure that the target app is captured. |