How do you monitor network traffic on the iPhone

Question

We are looking for a Wireshark-like tool to use on the iPhone to test a 3rd party application before partnering with the 3rd party   Any suggestions

User · Answer

Try Debookee on Mac OS X which will intercept transparently the traffic of your iPhone without need of a proxy, thanks to MITM, as stated before. You'll then see in real time the different protocols used by your device.

Disclaimer: I'm part of the development team of Debookee, which is a paid application. The trial version will show you all functionnalities for a limited time.

User · Answer

Com on  no mention of Fiddler  Where s the love     Fiddler is a very popular HTTP debugger aimed at developers and not network admins  i e  Wireshark    Setting it up for iOS is fairly simple process  It can decrypt HTTPS traffic too   Our mobile team is finally reliefed after QA department started using Fiddler to troubleshoot issues  Before fiddler  people fiddled around to know who to blame  mobile team or APIs team  but not anymore

User · Answer

I use Charles Web Debugging Proxy it costs but they have a trial version   It is very simple to set up if your iPhone iPad share the same Wifi network as your Mac    Install Charles on your Mac Get the IP address for your Mac - use the Mac  Network utility  On your iPhone iPad open the Wifi settings and under the  HTTP Proxy  change to manual and enter the IP from step  2  and then Port to 8888  Charles default Port  Open Charles and under the Proxy Settings dialogmake sure the    Enable Mac OS X Proxy    and    Use HTTP Proxy    are ticked You should now see the traffic appearing within Charles If you want to look at HTTPS traffic you need to do the additional 2 steps download the Charles Certificate Bundle and then email the  crt file to your iPhone iPad and install  In the Proxy Settings Dialog SSL tab  add the specific https top level domains you want to sniff with port 443    If your Mac and iOS device are not on the same Wifi network you can set up your Mac as a Wifi router using the  Internet Sharing  option under Sharing in the System Preferences  You then connect your device to that  Wifi  network and follow the steps above

User · Answer

Run it through a proxy and monitor the traffic using Wireshark

User · Answer

Depending on what you want to do runnning it via a Proxy is not ideal  A transparent proxy might work ok as long as the packets do not get tampered with   I am about to reverse the GPS data that gets transferred from the iPhone to the iPad on iOS 4 3 x to get to the the vanilla data the best way to get a clean Network Dump is to use  tcpdump   and or  pirni  as already suggested   In this particular case where we want the Tethered data it needs to be as transparent as possible  Obviously you need your phone to be JailBroken for this to work

User · Answer

Without knowing exactly what your requirements are  here s what I did to see packts go by from the iPhone  Connect a mac on ethernet  share its network over airport and connect the iPhone to that wireless network  Run Wireshark or Packet Peeper on the mac

User · Answer

Run it through a proxy and monitor the traffic using Wireshark

User · Answer

On a jailbroken iPhone iPod capturing traffic is done nicely by both  tcpdump  and  pirni - available in the cydia repository  Analysis of these data are done by tranfering the capture over to another machine and using something like wireshark  However  given the active development that seems to be going on with these tools it s possible that soon the iPhone will handle it all

User · Answer

Without knowing exactly what your requirements are  here s what I did to see packts go by from the iPhone  Connect a mac on ethernet  share its network over airport and connect the iPhone to that wireless network  Run Wireshark or Packet Peeper on the mac

User · Answer

A man-in-the-middle proxy  like suggested by other answers  is a good solution if you only want to see HTTP HTTPS traffic   The best solution for packet sniffing  though it only works for actual iOS devices  not the simulator  I ve found is to use rvictl  This blog post has a nice writeup  Basically you do   rvictl -s  lt iphone-uid-from-xcode-organizer gt    Then you sniff the interface it creates with with Wireshark  or your favorite tool   and when you re done shut down the interface with   rvictl -x  lt iphone-uid-from-xcode-organizer gt    This is nice because if you want to packet sniff the simulator  you re having to wade through traffic to your local Mac as well  but rvictl creates a virtual interface that just shows you the traffic from the iOS device you ve plugged into your USB port   Note  this only works on a Mac

User · Answer

The best solution I have found that Works   Connect your device thru USB  And type these commands    rvictl -s UDID -  id of device 20 chars  you can locate 4t in iTunes or organiser in Xcode  sudo launchctl list com apple rpmuxd sudo tcpdump -n -t -i rvi0 -q tcp OR   just sudo tcpdump -i rvi0 -n       If rvictl is not working install Xcode    For more info  Remote Virtual Interface  http   useyourloaf com blog 2012 02 07 remote-packet-capture-for-ios-devices html

User · Answer

I use Charles Web Debugging Proxy it costs but they have a trial version   It is very simple to set up if your iPhone iPad share the same Wifi network as your Mac    Install Charles on your Mac Get the IP address for your Mac - use the Mac  Network utility  On your iPhone iPad open the Wifi settings and under the  HTTP Proxy  change to manual and enter the IP from step  2  and then Port to 8888  Charles default Port  Open Charles and under the Proxy Settings dialogmake sure the    Enable Mac OS X Proxy    and    Use HTTP Proxy    are ticked You should now see the traffic appearing within Charles If you want to look at HTTPS traffic you need to do the additional 2 steps download the Charles Certificate Bundle and then email the  crt file to your iPhone iPad and install  In the Proxy Settings Dialog SSL tab  add the specific https top level domains you want to sniff with port 443    If your Mac and iOS device are not on the same Wifi network you can set up your Mac as a Wifi router using the  Internet Sharing  option under Sharing in the System Preferences  You then connect your device to that  Wifi  network and follow the steps above

User · Answer

Run it through a proxy and monitor the traffic using Wireshark

User · Answer

On a jailbroken iPhone iPod capturing traffic is done nicely by both  tcpdump  and  pirni - available in the cydia repository  Analysis of these data are done by tranfering the capture over to another machine and using something like wireshark  However  given the active development that seems to be going on with these tools it s possible that soon the iPhone will handle it all

User · Answer

Com on  no mention of Fiddler  Where s the love     Fiddler is a very popular HTTP debugger aimed at developers and not network admins  i e  Wireshark    Setting it up for iOS is fairly simple process  It can decrypt HTTPS traffic too   Our mobile team is finally reliefed after QA department started using Fiddler to troubleshoot issues  Before fiddler  people fiddled around to know who to blame  mobile team or APIs team  but not anymore

User · Answer

For Mac OS X  Install Charles Proxy In Charles go to Proxy  gt  Proxy Settings  It should display the HTTP proxy port  it s 8888 by default     For Windows  Install Fiddler2 Tools - gt  Fiddler Options - gt  Connections and check  quot Allow remote computers to connect quot    General Setup  Go to Settings  gt  Wifi  gt  The i symbol  gt  At the bottom Proxy  gt  Set to manual and then for the server put the computer you are working on IP address  for port put 8888 as that is the default for each of these applications   ARP Spoofing General notes for the final section  if you want to sniff all the network traffic would be to use ARP spoofing to forward all the traffic from your iOS to a laptop desktop   There are multiple tools to ARP spoof and research would need to be done on all the specifics   This allows you to see every ounce of traffic as your router will route all data meant for the iOS device to the laptop desktop and then you will be forwarding this data to the iOS device  automatically   Please note I only recommend this as a last resort

User · Answer

Here is another way http   www tuaw com 2011 02 21 how-to-inspect-ioss-http-traffic-without-spending-a-dime   I didn t see Roger Nolan s reply  the above link is same workflow with a different tool

User · Answer

Try Debookee on Mac OS X which will intercept transparently the traffic of your iPhone without need of a proxy, thanks to MITM, as stated before. You'll then see in real time the different protocols used by your device.

Disclaimer: I'm part of the development team of Debookee, which is a paid application. The trial version will show you all functionnalities for a limited time.

User · Answer

A general solution would be to use a linux box  could be in a virtual machine  configured as a transparent proxy to intercept the traffic  and then analyse it using wireshark or tcpdump or whatever you like  Perhaps MacOS can do this also  I haven t tried   Or if you can run the app in the simulator  you can probably monitor the traffic on your own machine

User · Answer

The best solution I have found that Works   Connect your device thru USB  And type these commands    rvictl -s UDID -  id of device 20 chars  you can locate 4t in iTunes or organiser in Xcode  sudo launchctl list com apple rpmuxd sudo tcpdump -n -t -i rvi0 -q tcp OR   just sudo tcpdump -i rvi0 -n       If rvictl is not working install Xcode    For more info  Remote Virtual Interface  http   useyourloaf com blog 2012 02 07 remote-packet-capture-for-ios-devices html

User · Answer

You didnt specify the platform you use  so I assume it s a Mac  -   What I do is use a proxy  I use SquidMan  a standalone implementation of Squid  I start SquidMan on the Mac  then on the iPhone I enter the Proxy params in the General Wifi Settings   Then I can watch the HTTP trafic in the Console App  looking at the squid-access log  If I need more infos  I switch to tcpdump  but I suppose WireShark should work too

User · Answer

A general solution would be to use a linux box  could be in a virtual machine  configured as a transparent proxy to intercept the traffic  and then analyse it using wireshark or tcpdump or whatever you like  Perhaps MacOS can do this also  I haven t tried   Or if you can run the app in the simulator  you can probably monitor the traffic on your own machine

User · Answer

For Mac OS X  Install Charles Proxy In Charles go to Proxy  gt  Proxy Settings  It should display the HTTP proxy port  it s 8888 by default     For Windows  Install Fiddler2 Tools - gt  Fiddler Options - gt  Connections and check  quot Allow remote computers to connect quot    General Setup  Go to Settings  gt  Wifi  gt  The i symbol  gt  At the bottom Proxy  gt  Set to manual and then for the server put the computer you are working on IP address  for port put 8888 as that is the default for each of these applications   ARP Spoofing General notes for the final section  if you want to sniff all the network traffic would be to use ARP spoofing to forward all the traffic from your iOS to a laptop desktop   There are multiple tools to ARP spoof and research would need to be done on all the specifics   This allows you to see every ounce of traffic as your router will route all data meant for the iOS device to the laptop desktop and then you will be forwarding this data to the iOS device  automatically   Please note I only recommend this as a last resort

User · Answer

A man-in-the-middle proxy  like suggested by other answers  is a good solution if you only want to see HTTP HTTPS traffic   The best solution for packet sniffing  though it only works for actual iOS devices  not the simulator  I ve found is to use rvictl  This blog post has a nice writeup  Basically you do   rvictl -s  lt iphone-uid-from-xcode-organizer gt    Then you sniff the interface it creates with with Wireshark  or your favorite tool   and when you re done shut down the interface with   rvictl -x  lt iphone-uid-from-xcode-organizer gt    This is nice because if you want to packet sniff the simulator  you re having to wade through traffic to your local Mac as well  but rvictl creates a virtual interface that just shows you the traffic from the iOS device you ve plugged into your USB port   Note  this only works on a Mac

User · Answer

You didnt specify the platform you use  so I assume it s a Mac  -   What I do is use a proxy  I use SquidMan  a standalone implementation of Squid  I start SquidMan on the Mac  then on the iPhone I enter the Proxy params in the General Wifi Settings   Then I can watch the HTTP trafic in the Console App  looking at the squid-access log  If I need more infos  I switch to tcpdump  but I suppose WireShark should work too

User · Answer

Depending on what you want to do runnning it via a Proxy is not ideal  A transparent proxy might work ok as long as the packets do not get tampered with   I am about to reverse the GPS data that gets transferred from the iPhone to the iPad on iOS 4 3 x to get to the the vanilla data the best way to get a clean Network Dump is to use  tcpdump   and or  pirni  as already suggested   In this particular case where we want the Tethered data it needs to be as transparent as possible  Obviously you need your phone to be JailBroken for this to work

User · Answer

A general solution would be to use a linux box  could be in a virtual machine  configured as a transparent proxy to intercept the traffic  and then analyse it using wireshark or tcpdump or whatever you like  Perhaps MacOS can do this also  I haven t tried   Or if you can run the app in the simulator  you can probably monitor the traffic on your own machine

User · Answer

You didnt specify the platform you use  so I assume it s a Mac  -   What I do is use a proxy  I use SquidMan  a standalone implementation of Squid  I start SquidMan on the Mac  then on the iPhone I enter the Proxy params in the General Wifi Settings   Then I can watch the HTTP trafic in the Console App  looking at the squid-access log  If I need more infos  I switch to tcpdump  but I suppose WireShark should work too

User · Answer

You didnt specify the platform you use  so I assume it s a Mac  -   What I do is use a proxy  I use SquidMan  a standalone implementation of Squid  I start SquidMan on the Mac  then on the iPhone I enter the Proxy params in the General Wifi Settings   Then I can watch the HTTP trafic in the Console App  looking at the squid-access log  If I need more infos  I switch to tcpdump  but I suppose WireShark should work too

User · Answer

Run it through a proxy and monitor the traffic using Wireshark

User · Answer

A general solution would be to use a linux box  could be in a virtual machine  configured as a transparent proxy to intercept the traffic  and then analyse it using wireshark or tcpdump or whatever you like  Perhaps MacOS can do this also  I haven t tried   Or if you can run the app in the simulator  you can probably monitor the traffic on your own machine

User · Answer

Here is another way http   www tuaw com 2011 02 21 how-to-inspect-ioss-http-traffic-without-spending-a-dime   I didn t see Roger Nolan s reply  the above link is same workflow with a different tool

[iphone] How do you monitor network traffic on the iPhone?

Examples related to iphone

Examples related to security

Examples related to networking

Examples related to wireshark