iphonepacketpacket-capturesniffingpacket-sniffers

iPhone and WireShark


How can I sniff packets from my iPhone on my network? can someone give me some instructions? I tried Googling, but nothing teaches how to sniff iPhone packets、

I am on windows.


Solution

  • Update (2021-04-01): Paros no longer can be easily installed and run on many OS's due to using an extremely old version of Java.

    However there is now OWASP ZAP which is a fork of Paros and can be used to achieve the same ends.

    Basic steps are:

    1. Install ZAP's root CA certificate on your iOS device.
    2. Configure the proxy settings of the iOS device to point to your running ZAP.
    3. Capture away.

    Thre is a blogpost by Omer Levi Hevroni on OWASP ZAP with iOS which goes into significantly more detail on how to do these steps.


    You can use Paros to sniff the network traffic from your iPhone. See this excellent step by step post for more information: http://blog.jerodsanto.net/2009/06/sniff-your-iphones-network-traffic/. Also, look in the comments for some advice for using other proxies to get the same job done.

    One caveat is that Paras only sniffs HTTP GET/POST requests using the method above, so to sniff all network traffic, try the following:

    1. Just turn on network sharing over WiFi and run a packet sniffer like Cocoa Packet Analyzer (in OSX).
    2. Then connect to the new network from iPhone over WiFi. (SystemPreferences->Sharing->InternetSharing)

    If you're after sniffing these packets on Windows, connect to the internet using Ethernet, share your internet connection, and use the Windows computer as your access point. Then, just run Wireshark as normal and intercept the packets flowing through, filtering by their startpoints. Alternatively, try using a network hub as Wireshark can trace all packets flowing through a network if they are using the same router endpoint address (as in a hub).