Sniffing Android web traffic (not on WiFi)?

0
votes

I've been analyzing malicious Android applications recently, using Fiddler as a proxy to monitor network traffic on the device. It's been great, but I've found an app that I want to monitor that doesn't send traffic while connected to WiFi, only when the mobile internet is activated.

I've set up a separate server with open ports, running Fiddler, and attempted to route all mobile traffic through Fiddler's proxy on the remote server (by setting a proxy in the APN section of the device's settings). I'm not seeing any traffic at all, and while the proxy is set I'm not receiving any traffic to the device either (which implies the proxy server isn't working). I thought it may have been a server configuration issue, but everything seems fine.

Tl;dr is there an easier way to sniff Android network traffic that isn't over wifi?

2
androidnetworkingproxyfiddler
Does the app send data if it is tethered over Bluetooth to another device that is connected to mobile internet? If so, you might be able to hook up both your phone and Fiddler to another device that can host the tethering and then route the android traffic through Fiddler. I have no idea if this will work though.JKor
From what I can tell the app specifically checks for a mobile data connection, but I'll look into this anyway. Thanks!pablo

2 Answers

1
votes

The only solution that I think is feasible is to connect your device to a VPN through a mobile connection: probably you can analyze the traffic on VPN server. Otherwise you can take a look at this app tPacketCapture: sometime it works, sometime it doesn't.

0
votes

Have you tried WireShark?, Is used for Wifi, you can set it to analyze traffic for your needs.