
Apr 08

Sniff Android Data – Capturing and Decrypting Android Traffic

Menacing Android robot

That’s one menacing looking Android!

So you want to sniff Android data, huh? Wondering what your Android thinks about you behind your back? I took a little peek at my Android traffic and was amazed at the amount of data that flowed in and (mostly) out of that little green monster.

Start out by making sure you have the following:

A quick explanation of the above list. The wireless hosted network makes a computer with a wireless adapter act like a router. This is how we’re going to get our hands on the Android data. Fiddler2 lets us see (or, in hacker geek terms, “sniff”) http(s) traffic. The (s) is the key here. Without that simple spineless squiggle most of the data we’d see would look like gibberish. The last item is a rooted Android device running a proxy app, such as ProxyDroid, which is used in this tutorial. Once you have the above items installed, configured, tested and working, you can begin.

Launch Fiddler and click Tools > Fiddler Options > Connections and place a check mark next to “Allow remote computers to connect”. Note the port number; you’ll need to enter it on the Android device.

While you’re here, let’s configure Fiddler to show us only the traffic from the Android device and to decrypt the http(s) traffic it encounters. Switch to the HTTPS tab and configure as below, then click OK. You’re done configuring Fiddler.

Find the IP address assigned to your wireless hosted network by running ipconfig in a command prompt.

Launch ProxyDroid on the device and enter the IP address from above as the host, and the port from Fiddler. Proxy type is http, and make sure to scroll down and enable “Global Proxy”.

Once those settings are in place, check “Proxy Switch” to enable the proxy.

If all has gone according to plan, any traffic you generate on your Android device should now show up in Fiddler.

Cookies

Headers

Not all traffic will be 100% human readable, and sometimes you’ll notice some apps might not work correctly (Google Voice), but it will all definitely still yield some useful information. I’ve found it great for helping me learn to write apps for Android. What will you be using this for?
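To go from eyeballing sessions to a quick privacy check, the added example below (not part of the original post) summarizes a capture per host and flags cookies or Authorization headers that left the device over unencrypted HTTP. It assumes the sessions were exported from Fiddler in HTTPArchive (HAR) format; the sample capture, the host names and the summarize helper are constructed for illustration.

```python
import json
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed sample: a minimal HAR 1.2 document shaped like an export of captured sessions.
SAMPLE_HAR = json.dumps({"log": {"version": "1.2", "entries": [
    {"request": {"method": "GET", "url": "http://ads.example.test/track?id=1",
                 "headers": [{"name": "Cookie", "value": "uid=abc123"},
                             {"name": "User-Agent", "value": "Dalvik/1.6.0"}]}},
    {"request": {"method": "POST", "url": "https://api.example.test/sync",
                 "headers": [{"name": "Authorization", "value": "Bearer xyz"}]}},
    {"request": {"method": "GET", "url": "https://api.example.test/feed",
                 "headers": [{"name": "cookie", "value": "sid=1; theme=dark"}]}},
    {"request": {"method": "CONNECT", "url": "play.example.test:443", "headers": []}},
]}})

# Request headers that carry credentials or session state.
SENSITIVE = {"cookie", "authorization"}

def summarize(har_text):
    """Return {host: {requests, cleartext, sensitive_cleartext, cookie_names}}."""
    report = defaultdict(lambda: {"requests": 0, "cleartext": 0,
                                  "sensitive_cleartext": 0, "cookie_names": set()})
    for entry in json.loads(har_text)["log"]["entries"]:
        req = entry["request"]
        if req["method"].upper() == "CONNECT":
            continue  # tunnel setup only, not an application request
        parts = urlsplit(req["url"])
        row = report[parts.hostname or "(unknown)"]
        row["requests"] += 1
        cleartext = parts.scheme == "http"
        row["cleartext"] += cleartext
        # Header names are case-insensitive, so normalise before matching.
        headers = {h["name"].lower(): h["value"] for h in req.get("headers", [])}
        if cleartext and headers.keys() & SENSITIVE:
            row["sensitive_cleartext"] += 1
        # Keep cookie names only, so the report does not repeat secret values.
        for pair in headers.get("cookie", "").split(";"):
            name = pair.split("=", 1)[0].strip()
            if name:
                row["cookie_names"].add(name)
    return dict(report)

if __name__ == "__main__":
    for host, row in sorted(summarize(SAMPLE_HAR).items()):
        print(host, row)
```

Hosts with a non-zero sensitive_cleartext count are the ones to look at first, since anyone on the same network path could read those headers without a decrypting proxy.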
