How do I monitor network traffic sent and received from my android emulator?
This question is related to
android
networking
emulation
traffic
sniffer
I would suggest you use Wireshark.
Steps:
- Install Wireshark.
- Select the network connection that you are using for the calls(for eg, select the Wifi if you are using it)
- There will be many requests and responses, close extra applications.
- Usually the requests are in green color, once you spot your request, copy the destination address and use the filter on top by typing
ip.dst==52.187.182.185by putting the destination address.
You can make use of other filtering techniques mentioned here to get specific traffic.
A current release of Android Studio did not correctly apply the -tcpdump argument. I was still able to capture a dump by passing the related parameter to qemu as follows:
tools/emulator -engine classic -tcpdump dump.cap -avd myAvd
It is also possible to use http proxy to monitor http requests from emulator. You can pass -http-proxy flag when starting a new emulator to set proxy (Example burp) to monitor Android traffic. Example usage ./emulator -http-proxy localhost:8080 -avd android2.2. Note that in my example I'm using Burp, and it is listening port 8080. More info can be found here.
You can start the emulator with the command -avd Adfmf -http-proxy http://SYSTEM_IP:PORT.
I used HTTP Analyzer, but it should work for anything else. More details can be found here:
http://stick2code.blogspot.in/2014/04/intercept-http-requests-sent-from-app.html
There are two ways to capture network traffic directly from an Android emulator:
Copy and run an ARM-compatible tcpdump binary on the emulator, writing output to the SD card, perhaps (e.g. tcpdump -s0 -w /sdcard/emulator.cap).
Run emulator -tcpdump emulator.cap -avd my_avd to write all the emulator's traffic to a local file on your PC
In both cases you can then analyse the pcap file with tcpdump or Wireshark as normal.
It is now possible to use Wireshark directly to capture Android emulator traffic. There is an extcap plugin called androiddump which makes it possible. You need to have a tcpdump executable in the system image running on the emulator (most current images have it, tested with API 24 and API 27 images) and adbd running as root on the host (just run adb root). In the list of the available interfaces in Wireshark (Qt version only, the deprecated GTK+ doesn't have it) or the list shown with tshark -D there should be several Android interfaces allowing to sniff Bluetooth, Logcat, or Wifi traffic, e.g.:
android-wifi-tcpdump-emulator-5554 (Android WiFi Android_SDK_built_for_x86 emulator-5554)
You can use http://docs.mitmproxy.org/en/stable/install.html
Its easy to setup and won't require any extra tweaks.
I go through various tool but found it to be really good and easy.
You can monitor network traffic from Android Studio. Go to Android Monitor and open Network tab.
http://developer.android.com/tools/debugging/ddms.html
UPDATE: ?? Android Device Monitor was deprecated in Android Studio 3.1. See more in https://developer.android.com/studio/profile/monitor
Yes, wireshark will work.
I don't think there is any easy way to filter out solely emulator traffic, since it is coming from the same src IP.
Perhaps the best way would be to set up a very bare VMware environment and only run the emulator in there, at least that way there wouldn't be too much background traffic.
For OS X you can use Charles, it's simple and easy to use.
For more information, please have a look at Android Emulator and Charles Proxy blog post.
Source: Stackoverflow.com