How can I sniff packets from my iPhone on my network? Can someone give me some instructions? I tried Googling, but nothing teaches how to sniff iPhone packets.
I am on Windows.
There is no version of Wireshark that runs on iOS, so it can't be installed on an iPad or an iPhone or an iPod touch. By default, in order to capture packets, a program needs to run as the superuser on Darwin-based operating systems such as OS X and iOS.
Wireshark is legal to use, but it can become illegal if cybersecurity professionals attempt to monitor a network that they do not have explicit authorization to monitor.
Wireshark is an open-source network protocol analysis software program started by Gerald Combs in 1998. A global organization of network specialists and software developers supports Wireshark and continues to make updates for new network technologies and encryption methods. Wireshark is absolutely safe to use.
You can't usually detect Wireshark or any other sniffer that is passively capturing packets on your network, and most of the time that is not a problem at all.
Update (2021-04-01): Paros no longer can be easily installed and run on many OS's due to using an extremely old version of Java.
However there is now OWASP ZAP which is a fork of Paros and can be used to achieve the same ends.
Basic steps are:
There is a blog post by Omer Levi Hevroni on OWASP ZAP with iOS which goes into significantly more detail on how to do these steps.
You can use Paros to sniff the network traffic from your iPhone. See this excellent step by step post for more information: http://blog.jerodsanto.net/2009/06/sniff-your-iphones-network-traffic/. Also, look in the comments for some advice for using other proxies to get the same job done.
One caveat is that Paros only sniffs HTTP GET/POST requests using the method above, so to sniff all network traffic, try the following:
- Just turn on network sharing over WiFi and run a packet sniffer like Cocoa Packet Analyzer (in OSX).
- Then connect to the new network from iPhone over WiFi. (SystemPreferences->Sharing->InternetSharing)
If you're after sniffing these packets on Windows, connect to the internet using Ethernet, share your internet connection, and use the Windows computer as your access point. Then, just run Wireshark as normal and intercept the packets flowing through, filtering by their startpoints. Alternatively, try using a network hub as Wireshark can trace all packets flowing through a network if they are using the same router endpoint address (as in a hub).
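Once the shared-connection capture has been saved, the "filtering by their startpoints" step can also be done offline. The script below is an added example, not part of the original answers: it reads a capture in classic pcap format (Wireshark saves pcapng by default, so use Save As) and lists where one source address sent traffic, taking "startpoint" to mean the source IP. The function names and every address in the sample capture are constructed for illustration.

```python
import socket
import struct

def flows_from(pcap: bytes, src_ip: str):
    """Return (dst_ip, ip_proto, dst_port) for each IPv4 packet sent by src_ip."""
    if pcap[:4] == b"\xd4\xc3\xb2\xa1":
        end = "<"          # little-endian capture file
    elif pcap[:4] == b"\xa1\xb2\xc3\xd4":
        end = ">"          # big-endian capture file
    else:
        raise ValueError("not classic pcap (pcapng is not handled here)")
    if struct.unpack(end + "I", pcap[20:24])[0] != 1:
        raise ValueError("only Ethernet (linktype 1) captures are handled")
    want, out, off = socket.inet_aton(src_ip), [], 24
    while off + 16 <= len(pcap):
        incl_len = struct.unpack(end + "I", pcap[off + 8:off + 12])[0]
        frame = pcap[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue       # skip ARP, IPv6 and truncated frames
        ip = frame[14:]
        if ip[12:16] != want:
            continue       # sent by some other host
        ihl = (ip[0] & 0x0F) * 4          # IPv4 header length incl. options
        dport = None
        if ip[9] in (6, 17) and len(ip) >= ihl + 4:   # TCP or UDP
            dport = struct.unpack("!H", ip[ihl + 2:ihl + 4])[0]
        out.append((socket.inet_ntoa(ip[16:20]), ip[9], dport))
    return out

def _frame(src, dst, proto, dport, ethertype=0x0800):
    # Constructed Ethernet + IPv4 + 8-byte transport stub (ports only).
    eth = b"\x02" * 6 + b"\x04" * 6 + struct.pack("!H", ethertype)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 64, proto, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return eth + ip + struct.pack("!HHI", 50000, dport, 0)

def sample_pcap():
    """Constructed capture: phone = 192.168.137.23, sharing PC = 192.168.137.1."""
    frames = [
        _frame("192.168.137.23", "203.0.113.10", 6, 443),
        _frame("192.168.137.1", "203.0.113.10", 6, 443),
        _frame("192.168.137.23", "192.168.137.1", 17, 53),
        _frame("192.168.137.23", "192.168.137.1", 17, 53, ethertype=0x0806),
    ]
    blob = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in frames:
        blob += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return blob
```

For a real capture, pass the file's bytes and the phone's address on the shared network, for example `flows_from(open(path, "rb").read(), phone_ip)`.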