Hello,
In this blog post, I am going to show you how to record all inbound and outbound network traffic from a wireless device (smartphone, tablet, laptop, etc…).
People desire to capture traffic for many reasons, namely for/by:
- Security Auditing and penetration testing
- Programmers and testers
- Application protocol analysis and recovery
- etc…
Let’s get started!
The setup
In order to capture inbound/outbound WiFi traffic from another wireless device, we need to configure the device in question to use a network connection that we can monitor with tools such as Wireshark.
To make things simple, I will be using the WifiShare tool to accomplish this task.
Relevant articles:
- How to capture and analyze HTTP/HTTPS from your smartphone or tablet using Fiddler
- Changing the MAC address on Windows – A free Batch script
- WifiPasswordReveal: A script to reveal all the saved WiFi passwords in Windows 7 and above
Configure WifiShare tool
First, please download and run WifiShare tool then choose the access point name and the desired password:
Press the “Start sharing” button to start the access point and internet connection sharing.
Connect the WiFi device to the access point
Now that we just created a new access point to share the connection from the computer, we need to connect a device to that network.
For demonstration purposes, I will be using a Nexus 7 device:
Press “Connect” and you are done. Let us press again on the connection name just to see the assigned IP address:
“192.168.137.17” is the IP address of this device. You will need to know the IP address later to add capture filter if required.
Setting up Wireshark
So far, we have setup an access point through the computer and connected a WiFi device to be monitored. The last step is to use a monitoring tool, I will be using Wireshark. Please download it from here.
Run Wireshark and start capturing by choosing “Capture/Interfaces” from the menu or by pressing the “Start” button (as shown in the screenshot below) and selecting the interface (network card) to capture traffic from:
Which network interface to select, you ask? Please choose the interface that have the IP address of our access point (usually 192.168.137.1):
Press “Start” to start capturing!
Do you want to master Batch Files programming? Look no further, the Batchography is the right book for you.
Available in print or e-book editions from Amazon.
Use cases
At this point you are up and capturing already. What you can do with this is up to you.
I advise you to read the book “Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems” to learn more about using Wireshark and how to conduct network protocol analysis.
To capture HTTPS (encrypted), please check this article: How to capture and analyze HTTP/HTTPS from your smartphone or tablet using Fiddler
Please leave your comments and feedback below.
Stay tuned!
You might also like:
- Free WifiShare Tool – Turning your laptop into a hotspot and internet connection sharing station
- How to remote control your Android phone or tablet
- How to capture all network traffic going through your smartphone/tablet/laptop or other wireless devices
- Batchography: Changing the MAC address on Windows
- How to get unlimited free Internet at Airports
- WifiPasswordReveal: A script to reveal all the saved WiFi passwords in Windows 7 and above
Great article, but what about capturing/logging cellular data traffic?