Our aim is to keep looking for new ways of achieving our outcomes. So we have a new option - work at the network traffic level, rather than proxy. We need to increase our flexibility to approaching the observation. If we have the issue that we can’t because we can’t configure the app to point to the proxy then we need other options. (It’s also fun to hook into hotel wifi and airport lounge wifi - but don’t tell anyone.)īut the serious point, is that we know we want to observe the http traffic. Why would I want to do that?īecause sometimes the mobile app you are testing does not honour the proxy settings of the device and goes direct, so you don’t see the traffic.Īnd because you can start learning more about the network traffic layers being used by your application and your device in general. Then you can capture the wifi traffic, filter it, and then monitor the HTTP traffic from your mobile device. So if your mobile device is on the same wifi network as your Wireshark machine’s wifi card. With Wireshark, you tell it to capture traffic from your network card, and it can then capture any traffic going through that network. Unlike an HTTP proxy server where you have to configure your machine to point to the HTTP proxy server in order to monitor the traffic. Wireshark is a tool for monitoring network traffic. I’m using Mac to show you this functionality. You may need to buy an additional adapter to do this.
Note that you may not be able to capture the mobile traffic on Windows because of WinPCap limitations. In the “Level of detail” section we can make the network capture shown in the lower part with more or less detail, but in most cases what we will do is download the data capture and examine it carefully in programs like Wireshark.You can find wireshark on line - it is a free tool. In “Packet Length” we will have to put 0 to capture all the frames and not limit by frame size, and in “Count” it is advisable to put 0 to capture all the traffic until we stop it manually, by default it is the value of 100 which could be very little depending on the equipment in question. All application layer protocols make use of specific source and destination ports, for example, if we want to capture HTTP traffic, we will put port 80 and filter by TCP, since it is what the HTTP application layer protocol uses. We can also configure the source or destination port if we use TCP and / or UDP, ideal for only capturing the traffic that interests us. If we do not put anything, it will capture all the packets that travel through the interface, without filtering by IP or MAC at all. This option allows us to only capture the traffic that has as its origin or destination a specific IP address or MAC address (if it is directly connected to the same subnet). Other available options are the possibility of choosing the “Host address” option.
0 kommentar(er)
