[APP] Shark for Root + SharkReader

Search This thread
By:
Advanced…
P

Pragya015

New member
Feb 18, 2011
1
0
Keep wireshark running in the background

How can I keep the app running even when I have closed the window??
Is there a way of keeping the application running for like good half an hour in the background so that I can do other things with my phone at the same time??
 
E

ex87

Retired Recognized Developer
Sep 9, 2008
89
49
36
Ventspils
Pragya015 said:
How can I keep the app running even when I have closed the window??
Is there a way of keeping the application running for like good half an hour in the background so that I can do other things with my phone at the same time??
Click to expand...
Click to collapse
It's not possible yet by using only this app, but planning to be on next release (running app as an service).
Meanwhile you may try some memory optimization applications which can set killing priorities for applications.
 
  • Like
Reactions: m4a1rifle
K

kneel

Member
Jan 16, 2011
10
0
Anyone willing to throw the .apk's up somewhere else? The domain hosting them has been down and still seems unavailable
 
J

JC_Yang

Member
Apr 29, 2011
7
0
problems regard run in emulator

Hi, ex87.
I've tried run shark for root(native) in an emulator(with android version 2.2) from SDK(which is said to be already in root), but it report "Shark error: Problems in launching sequence.. Do You have Root? Do you have 2 MB free on data partition?"

I've tried "adb root" and it does tell me "adbd is already running as root".
Any ideas?
 
spookamiester

spookamiester

Senior Member
Dec 5, 2008
1,083
223
Hey all,

I've been testing this on my DHD and trying to test the security of my Wifi network.
I am new to this so bear with me but I've started my session, used defaults, used my laptop to browse around and enter some stuff on Facebook etc without https.
I've opened shark reader and found some packets containing data but O open them and none of it makes sense to me.
I've had a look around and been over video tutorials for wireshark which were simple enough to understand but how would I go about deciphering any of this?
More specifically, how would I test if my password has been captured without https?

Any help would be much appreciated
 
snark_be

snark_be

Senior Member
Sep 17, 2008
677
75
Nexus 7 (2013)
Shark Reader captures the traffic that goes in or out from your smartphone, not from your laptop even if they are connected to the same router.

Actually, only if you use a hub (a dumb type of router), you can see all the traffic from all devices connected to it. Nowadays, routers only send to each device the data (in/out) relevant to the device itself, not the traffic from the other devices.

So what you captured is probably sync data from various apps running on your phone, maybe network/wifi negociation packets, but you will not capture the Facebook data from your laptop.
 
  • Like
Reactions: spookamiester
R

robplatt

Member
Sep 23, 2007
8
2
snark_be said:
Shark Reader captures the traffic that goes in or out from your smartphone, not from your laptop even if they are connected to the same router.

Actually, only if you use a hub (a dumb type of router), you can see all the traffic from all devices connected to it. Nowadays, routers only send to each device the data (in/out) relevant to the device itself, not the traffic from the other devices.

So what you captured is probably sync data from various apps running on your phone, maybe network/wifi negociation packets, but you will not capture the Facebook data from your laptop.
Click to expand...
Click to collapse

You can easily capture the data from a switch using arp injection. Thats what FaceNiff, Firesheep, and zxarps does.
 
Last edited:
M

Madbaires

Senior Member
Nov 26, 2010
76
3
ouch, reboot my phone when push Stop (Capture)

DHD
LeeDrOiD HD V3.1.3 GB
Kernel LeeDrOiD V3.1.4@1267MHz
Radio: 12.54.60.25_26.09.04.11_M2 + RIL
 
K

kobygold

Senior Member
Aug 13, 2011
81
17
Hi guys,
I've downloaded Shark, recorded a log and openned that log on my PC in Wireshark.
How can I know which app initiated each of the messages in the log?
I'm trying to spot an app that is using my 3G network and drains my battery.

I'm new to all of this, so any help would be appreciated.
 
Last edited:
S

ssssssss

New member
Jun 19, 2008
1
0
kobygold said:
Hi guys,
I've downloaded Shark, recorded a log and openned that log on my PC in Wireshark.
How can I know which app initiated each of the messages in the log?
I'm trying to spot an app that is using my 3G network and drains my battery.

I'm new to all of this, so any help would be appreciated.
Click to expand...
Click to collapse

There's no way to tell which app is sending data with tcpdump's... dumps. I guess you could analyze the traffic by destination IP or try to see what's going in/out often to guess at which app is the culprit, but that'd be kind of tedious. If all you want to do is see what's using your bandwidth, there are a number of apps that monitor traffic usage and provide statistics per app.

The first free one I found is called "TrafficInfo," by curvefish. I haven't tried it, so that's not an endorsement or anything. Also I can't post a link because I don't have enough posts, sorry.
 
walts

walts

Senior Member
Apr 11, 2006
399
74
kobygold said:
Hi guys,
I've downloaded Shark, recorded a log and openned that log on my PC in Wireshark.
How can I know which app initiated each of the messages in the log?
I'm trying to spot an app that is using my 3G network and drains my battery.

I'm new to all of this, so any help would be appreciated.
Click to expand...
Click to collapse

This isn't a direct answer to your Shark question - I agree with sssss about the difficulty of attaching packets to applications - but if you are really interested in battery usage, "Android Booster" from NetQin has a "Power Details" tab that lists battery consumption by application. It's available in the Market. BTW, I have no idea how it gathers the power consumption data! Maybe it's just logging run time or something.

There are also a number of Battery Loggers available - you can try to correlate battery drain with what you were doing in a given time period.

Walt
 
M

murtazaghulam

New member
Jul 17, 2010
1
0
need some urgent help

Hi,
I want to develop a bandwidth estimator for android. Now, I have tcpdump traces. I want to parse these pcap files to get tcp congestion window data. Is there any body who knows if somebody has this parser to get window size value from packet.
So that I dont have to re-invent the wheel (and save lots of energy and resources :)). And I am happy to share it with you guys once it is ready.
Regards,
Ghulam
 
D

Doug8307

Member
Jul 27, 2010
35
2
Hi guys
Pardon my ignorance on the subject.. I'm brand new to Shark for Root.

I'm trying to improve my hosts file for AdAway so I downloaded Shark for Root and Shark Reader per AdAway's FAQ. The .pcap file is all IP addresses, so how do I find out which hostnames to add?

Also, what do the -vv and -s parameters mean? Is there a list of all parameters available?

Thanks!
 
riahc3

riahc3

Senior Member
Oct 28, 2009
1,828
237
Where is this app or are there any new alternatives?

Links dont work.
 
J

Jinoxide

New member
Aug 27, 2010
3
1
riahc3: This app appears to be on the Play Marketplace, now, though it hasn't been updated in a while.

lv.n3o.sharkreader - Shark Reader
lv.n3o.shark - Shark

Turns out I can't post links, but there are the IDs for searching on the market.
 
E

Eruru

New member
Sep 21, 2012
1
0
hello guys sorry for my bad english but i have a problem with shark!
Shark doesn't capture traffic produced by my smartphone(galaxy ace s5830i)! If I run shark on a wifi network(with default configuration) it captures all packets from other devices connected but not the traffic produced by my smartphone... if i run it on 3g and i visit any webpage with the browser of my smartphone in the log file there are only raw packet :(
Any ideas? Thanks
 
You must log in or register to reply here.

Similar threads

C
  • Locked
[APP]SuperOneClick v2.3.3 - Motorola Exploit Added!
Replies
7K
Views
16M
vanessaem
vanessaem
Chainfire
[App] [26.04.2011][v1.2] GingerBreak APK (root for GingerBread)
Replies
2K
Views
5M
ZG089▼
ZG089▼
PerfectSlayer
[APP][ROOT/NONROOT][OFFICIAL] AdAway v6.1.1
Replies
18K
Views
7M
S
Sgtmack
R
  • Locked
[APP] z4root
Replies
3K
Views
7M
TRusselo
TRusselo
K
[ROOT ANDROID][2.x-6.0] KINGROOT: The One-Click Root Tool for Almost All Devices
Replies
8K
Views
6M
bobiba11
bobiba11

Top Liked Posts

24 Hours All time
  • There are no posts matching your filters.
  • 15
    E
    ex87
    There were AndroShark, tool for capturing traffic on Android. But there were no newer releases and it seems that original developer dropped project. I liked this tool and used it a lot. But it was set to expire... So there was no simple capture tools available... http://xdaforums.com/showthread.php?t=675206 is home of AndroShark.

    So I made Shark for Root, alternative for AndroShark. Some people asked for possibility to see packets on phone, and for that purpose SharkReader has created (first, "quick and dirty" release).

    Shark for Root

    With tcpdump http://swapper.n3o.lv/lv.n3o.shark_1.0.2.apk
    Native http://swapper.n3o.lv/lv.n3o.sharknative_1.0.2.apk


    SharkReader - unstable...
    (note - run Shark Updater to get traffic analysator)

    http://swapper.n3o.lv/lv.n3o.sharkreader_0.1.6.apk

    Older versions http://swapper.n3o.lv/
    View
    1
    A
    acips
    Could someone tell about using different parameters or point me to some website where i could study these?(now i got the defaults)

    And when i open Shark reader i see many "RAW Packet" but i cant get any information from them, just "Packet #number".
    .pcap files are fine when i open them with Wireshark.

    At the bottom i see this: -NULL , what else i can use here and how it effects?

    Interesting app, keep up the good work!:)
    View
    1
    jcase
    jcase
    ex87,

    Awesome work bro, life got too busy for me to work more on AndroShark, I really didn't drop it on purpose. But with a busy life, and me still really new at java, it was just too much. I am really glad you picked up the idea and ran with it.

    Do you have any plans to opensource it at all (no worries if you dont)? I would like to be a contributor if you do decide to open source it.

    I really doubt this is of any use. It was the second java app I ever worked on, and was really just a front end. Below is androshark source code. Like I said, this was my second attempt at writing an app, so please don't laugh :) If I were to do it today, I would completely change how it worked. /res/raw/sharktap was just tcpdump.


    Code: 
    import java.io.BufferedReader;
import java.io.File;
import java.io.FileOutputStream;
import java.io.InputStream;
import android.app.Activity;
import android.app.AlertDialog;
import android.os.Bundle;
import android.util.Log;
import android.view.View;
import android.widget.Button;
import android.widget.RadioButton;
import android.widget.RadioGroup;
import android.widget.TextView;
/**
 * ToDo:
 * Check for root
 * Check for first run
 * 		Install Binaries on first run
 * Check for sdcard mount
 * Display file stats
 * Name pcap based on file name
 * Insert License 
 * kill sharktap on die
 * 
 * @author jcase
 *
 */


	public class androshark extends Activity implements /*RadioGroup.OnCheckedChangeListener,*/  Button.OnClickListener  {
		Button btnStart, btnStop;
		RadioButton radAll, rad3g, radWifi; //http://java.dzone.com/articles/google-android-tutorial?page=0,4
	    RadioGroup grpRadio;
	    TextView txtStatus, txtFilename, txtFilesize;
	    
      
       
	    
		/** Called when the activity is first created. */
		   @Override
		   
		   
		   
		   public void onCreate(Bundle savedInstanceState) {
		       super.onCreate(savedInstanceState);
		        setContentView(R.layout.main);
		        btnStart = (Button)this.findViewById(R.id.btnStart);
		        btnStart.setOnClickListener(this);
		        btnStop = (Button)this.findViewById(R.id.btnStop);
		        btnStop.setOnClickListener(this);
		        long epoch = System.currentTimeMillis()/1000;

		        
		     
		        boolean exists = (new File("/data/data/net.andirc.androshark/files/sharktap")).exists();
		        if (exists) {
		        } else {
					   Process myproc = null;
					       try
					       {
									     try{
									    	    String strDirectoy ="/data/data/net.andirc.androshark/files";
									    	    new File(strDirectoy).mkdir();

									     }
									     finally {} 
										 InputStream ins = getResources().openRawResource(R.raw.sharktap);
										 int size = ins.available();
										 byte[] buffer = new byte[size];
										 ins.read(buffer);
										 ins.close(); 
										 FileOutputStream fos = new FileOutputStream("/data/data/net.andirc.androshark/files/sharktap");
										 fos.write(buffer);
										 fos.close();
			 
					       }
					        
					       catch (Exception ex)
					       {
					               Log.e("yourTag", "Oops something happened: " + ex.getMessage(), ex);
					       }

					       finally {}
		        	
		        }
		        
		        boolean exists2 = (new File("/sdcard/androshark/")).exists();
		        if (exists2) {
		     

		        } else {
		        	if (android.os.Environment.getExternalStorageState().equals( 
		        			android.os.Environment.MEDIA_MOUNTED)) {
		        	
					   Process myproc = null;
				      
					       try
					       {
										 myproc = Runtime.getRuntime().exec(new String[] {"su", "-c","chmod 755 /data/data/net.andirc.androshark/files/sharktap && mkdir /sdcard/androshark/"});					 
								         	new AlertDialog.Builder(this)  
										       .setMessage("This is a beta trial version of androshark and will expire on May 15th 2010. This app can potentially consume a lot of sdcard space, depending on how long you allow it to sniff traffic and how much bandwidth you are using.")
										       .setPositiveButton("OK", null)
										       .show();
					       }
					        
					       catch (Exception ex)
					       {
					               Log.e("yourTag", "Oops something happened: " + ex.getMessage(), ex);
					       }

					       finally {}
		        	} else {
			         	new AlertDialog.Builder(this)  
					       .setMessage("Error sd01: sdCard not found!")
					       .setPositiveButton("OK", null)
					       .show();
		        	}
		        }
		        
		        if (epoch >= 1273990849) { // May 15th 2010  1273990849
			      System.exit(0);
		        } 

	    } 
		   
		   
			public void onClick(View v) {
				
			   Process myproc = null;
		      
			       try
			       {

						if (v == btnStart) {
							if (android.os.Environment.getExternalStorageState().equals( 
				        			android.os.Environment.MEDIA_MOUNTED)) {
								
							
								 myproc = Runtime.getRuntime().exec(new String[] {"su", "-c", "kill $(ps | grep sharktap | tr -s  ' ' | cut -d ' ' -f2) && /data/data/net.andirc.androshark/files/sharktap -vv -s 0 -w /sdcard/androshark/dump.pcap"});


								 
							        TextView txtStatus = 
								    (TextView)  this.findViewById(R.id.txtStatus); 
								    txtStatus.setText("Status: Running"); 
								        
							        TextView txtFilename = 
									(TextView)  this.findViewById(R.id.txtFilename); 
							        txtFilename.setText("Filename: /sdcard/androshark/dump.pcap"); 
							        
							    /*      int running = 1;
							          do {
							        	  File file = new File("/sdcard/androshark/dump.pcap");
											long length = file.length();
									        TextView txtFilesize = 
											(TextView)  this.findViewById(R.id.txtFilesize); 
										    txtFilesize.setText("File Size: " + length/1024 + "KB");
							          } while (running <= 1); */
								} else {
						         	new AlertDialog.Builder(this)  
								       .setMessage("Error sd02: sdCard not found!")
								       .setPositiveButton("OK", null)
								       .show();	
								}
							        
							        
							 } else if (v == btnStop) {
				
								 myproc = Runtime.getRuntime().exec(new String[] {"su", "-c", "kill $(ps | grep sharktap | tr -s  ' ' | cut -d ' ' -f2)"});
								 myproc.waitFor();
								 
								 File file = new File("/sdcard/androshark/dump.pcap");
								 long length = file.length();

								 
							        TextView txtStatus = 
								    (TextView)  this.findViewById(R.id.txtStatus); 
								    txtStatus.setText("Status: Stopped");
							        TextView txtFilesize = 
									(TextView)  this.findViewById(R.id.txtFilesize); 
							        txtFilesize.setText("File Size: " + length/1024 + "KB");
							 } 

			       }
			        
			       catch (Exception ex)
			       {
			               Log.e("yourTag", "Oops something happened: " + ex.getMessage(), ex);
			       }

			       finally {} 
		  


		}
		   
		
		   
	}
    View
    1
    Pao23
    Pao23
    racemepls said:
    Can some please explain in lamon terms what this does? :confused:
    Click to expand...
    Click to collapse

    shdwknt said:
    LOL this is nothing like that my friend.. nothing at all
    Click to expand...
    Click to collapse

    Apparently you know, and still haven't helped those of us who have no idea what this app is for! :p
    View
    1
    E
    ex87
    Pragya015 said:
    How can I keep the app running even when I have closed the window??
    Is there a way of keeping the application running for like good half an hour in the background so that I can do other things with my phone at the same time??
    Click to expand...
    Click to collapse
    It's not possible yet by using only this app, but planning to be on next release (running app as an service).
    Meanwhile you may try some memory optimization applications which can set killing priorities for applications.
    View

New posts