我需要在我的Android设备上执行tcpdump跟踪.
我的设置:
将tcpdump文件推送到SD卡
adb push filepath/tcpdump /sdcard/tcpdump
将文件复制到/ system / bin
为tcpdump文件授予root权限
adb shell
cd /system/bin
su
chmod 777 tcpdump
运行tcpdump trace
tcpdump -vv -s 0 -w /sdcard/filename.pcap
我已经设法在三星Galaxy S4上做到了 – 它工作正常.但是,它不适用于我的三星Galaxy Tab.在tcpdump命令后我收到错误:
tcpdump
soinfo_link_image(linker.cpp:1635): could not load library "libssl.so" needed by
"/system/bin/tcpdump"; caused by load_library(linker.cpp:761): not a valid ELF
executable: libssl.soCANNOT LINK EXECUTABLE
两个设备都是root用户,并且它们具有相同的tcpdump配置.我有libssl.so
在/ system / lib /中
三星Galaxy S4
C:\Windows\System32>adb shell
shell@android:/ $su
su
root@android:/ # cd system/bin
cd system/bin
root@android:/system/bin # tcpdump
tcpdump
tcpdump: WARNING: arptype 530 not supported by libpcap - falling back to cooked
socket
tcpdump: verbose output suppressed,use -v or -vv for full protocol decode
listening on rmnet_usb0,link-type LINUX_SLL (Linux cooked),capture size 96 byt
es
三星Galaxy Tab
C:\Windows\System32>adb shell
root@android:/ # su
su
root@android:/ # cd system/bin
cd system/bin
root@android:/system/bin # tcpdump
tcpdump
soinfo_link_image(linker.cpp:1635): could not load library "libssl.so" needed by
"/system/bin/tcpdump"; caused by load_library(linker.cpp:761): not a valid ELF
executable: libssl.soCANNOT LINK EXECUTABLE
255|root@android:/system/bin #
最佳答案
http://www.kandroid.org/online-pdk/guide/tcpdump.html
它可能有用.
adb shell tcpdump -i any -p -s 0 -w /sdcard/capture.pcap
# "-i any": listen on any network interface
# "-p": disable promiscuous mode (doesn't work anyway)
# "-s 0": capture the entire packet
# "-w": write packets to a file (rather than printing to stdout)
... do whatever you want to capture,then ^C to stop it ...
adb pull /sdcard/capture.pcap .
sudo apt-get install wireshark # or ethereal,if you're still on dapper
wireshark capture.pcap # or ethereal