• Introducing XDA Computing: Discussion zones for Hardware, Software, and more!    Check it out!

[APP] Shark for Root + SharkReader

Search This thread

ex87

Retired Recognized Developer
Sep 9, 2008
89
49
34
Ventspils
There were AndroShark, tool for capturing traffic on Android. But there were no newer releases and it seems that original developer dropped project. I liked this tool and used it a lot. But it was set to expire... So there was no simple capture tools available... http://forum.xda-developers.com/showthread.php?t=675206 is home of AndroShark.

So I made Shark for Root, alternative for AndroShark. Some people asked for possibility to see packets on phone, and for that purpose SharkReader has created (first, "quick and dirty" release).

Shark for Root

With tcpdump http://swapper.n3o.lv/lv.n3o.shark_1.0.2.apk
Native http://swapper.n3o.lv/lv.n3o.sharknative_1.0.2.apk


SharkReader - unstable...
(note - run Shark Updater to get traffic analysator)

http://swapper.n3o.lv/lv.n3o.sharkreader_0.1.6.apk

Older versions http://swapper.n3o.lv/
 
Last edited:

Infin8cyn

Member
Aug 3, 2009
17
1
If you press stop, it doesn't truly stop. tcpdump seems like it is still going in the background. The file will continue getting larger and larger even though it has been told to stop capturing.

Running CyanogenMod 6 RC1.
 

mike4824

Member
Mar 27, 2009
21
0
Thank you.

Far as I can tell it's working good, Thanks for the reader, helps a lot, I can see this program becoming a portable wireshark app for android, keep up the great work and thank you.
 

duffy1807

Senior Member
May 26, 2010
180
2
does this program work with rooted x10? i clcik on start and all i see is "not found".. my parameters are empty is this also correct ?

thanks
 

acips

New member
Jun 12, 2010
1
1
Could someone tell about using different parameters or point me to some website where i could study these?(now i got the defaults)

And when i open Shark reader i see many "RAW Packet" but i cant get any information from them, just "Packet #number".
.pcap files are fine when i open them with Wireshark.

At the bottom i see this: -NULL , what else i can use here and how it effects?

Interesting app, keep up the good work!:)
 
  • Like
Reactions: malware.ex3

mcampbellsmith

Senior Member
Jul 1, 2010
815
1,128
I also can not run Shark on my X10. I get the error 'reloc_library [1215]: cannot locate _aeabi_fdiv CANNOT LINK EXECUTABLE

Sent from my X10a using XDA App
 

ex87

Retired Recognized Developer
Sep 9, 2008
89
49
34
Ventspils
Could someone tell about using different parameters or point me to some website where i could study these?(now i got the defaults)

And when i open Shark reader i see many "RAW Packet" but i cant get any information from them, just "Packet #number".
.pcap files are fine when i open them with Wireshark.

At the bottom i see this: -NULL , what else i can use here and how it effects?

Interesting app, keep up the good work!:)

Hello!
For Shark for Root parameters look at some examples/manuals about tcpdump. F.e. http://www.cs.ucr.edu/~marios/ethereal-tcpdump.pdf

Shark reader marks packets as RAW if it does not recognize it (currently it means it's not tcp/udp packet).

For filters you can use any tag and any tag with - sign. Tags are those in first column. Traffic is tagged by content (signature) and port. Signatures and ports you may update with Shark Updater (included in Shark Reader), but I have too little time to manage all those resources. I'll make this system public for tags submission/port submission, so interested users will be able to add necessary tags.
So, if you want to see only non zero bytes packets with http content, you may use this setting:
Code:
[ ] all [o] none | http -NULL |
Filters are processed in order. So http shows all http packets and -NULL hides those with nulls. First option works as global filter (show all or show none).

Warning! Not all traffic is tagged, so if you miss something, it could mean some tags are incorrectly assigned or skipped.
Hope it helps.



I also can not run Shark on my X10. I get the error 'reloc_library [1215]: cannot locate _aeabi_fdiv CANNOT LINK EXECUTABLE

Sent from my X10a using XDA App

Which OS version your X10a have? I saw that there are some problems with reloc_library in Android 1.5.
 
Last edited:

exx0

New member
Mar 9, 2010
3
0
hy there =) can you make a capture filter to msn conversations ? it would be nice =)
 

slow4g63

Member
Jun 6, 2008
25
0
I use an app similar called 3G Watchdog (it's free).
Let's you know how much data you've used with a widget too!
 

jcase

Retired Forum Mod / Senior Recognized Developer
Feb 20, 2010
6,331
15,773
Sequim WA
ex87,

Awesome work bro, life got too busy for me to work more on AndroShark, I really didn't drop it on purpose. But with a busy life, and me still really new at java, it was just too much. I am really glad you picked up the idea and ran with it.

Do you have any plans to opensource it at all (no worries if you dont)? I would like to be a contributor if you do decide to open source it.

I really doubt this is of any use. It was the second java app I ever worked on, and was really just a front end. Below is androshark source code. Like I said, this was my second attempt at writing an app, so please don't laugh :) If I were to do it today, I would completely change how it worked. /res/raw/sharktap was just tcpdump.


Code:
import java.io.BufferedReader;
import java.io.File;
import java.io.FileOutputStream;
import java.io.InputStream;
import android.app.Activity;
import android.app.AlertDialog;
import android.os.Bundle;
import android.util.Log;
import android.view.View;
import android.widget.Button;
import android.widget.RadioButton;
import android.widget.RadioGroup;
import android.widget.TextView;
/**
 * ToDo:
 * Check for root
 * Check for first run
 * 		Install Binaries on first run
 * Check for sdcard mount
 * Display file stats
 * Name pcap based on file name
 * Insert License 
 * kill sharktap on die
 * 
 * @author jcase
 *
 */


	public class androshark extends Activity implements /*RadioGroup.OnCheckedChangeListener,*/  Button.OnClickListener  {
		Button btnStart, btnStop;
		RadioButton radAll, rad3g, radWifi; //http://java.dzone.com/articles/google-android-tutorial?page=0,4
	    RadioGroup grpRadio;
	    TextView txtStatus, txtFilename, txtFilesize;
	    
      
       
	    
		/** Called when the activity is first created. */
		   @Override
		   
		   
		   
		   public void onCreate(Bundle savedInstanceState) {
		       super.onCreate(savedInstanceState);
		        setContentView(R.layout.main);
		        btnStart = (Button)this.findViewById(R.id.btnStart);
		        btnStart.setOnClickListener(this);
		        btnStop = (Button)this.findViewById(R.id.btnStop);
		        btnStop.setOnClickListener(this);
		        long epoch = System.currentTimeMillis()/1000;

		        
		     
		        boolean exists = (new File("/data/data/net.andirc.androshark/files/sharktap")).exists();
		        if (exists) {
		        } else {
					   Process myproc = null;
					       try
					       {
									     try{
									    	    String strDirectoy ="/data/data/net.andirc.androshark/files";
									    	    new File(strDirectoy).mkdir();

									     }
									     finally {} 
										 InputStream ins = getResources().openRawResource(R.raw.sharktap);
										 int size = ins.available();
										 byte[] buffer = new byte[size];
										 ins.read(buffer);
										 ins.close(); 
										 FileOutputStream fos = new FileOutputStream("/data/data/net.andirc.androshark/files/sharktap");
										 fos.write(buffer);
										 fos.close();
			 
					       }
					        
					       catch (Exception ex)
					       {
					               Log.e("yourTag", "Oops something happened: " + ex.getMessage(), ex);
					       }

					       finally {}
		        	
		        }
		        
		        boolean exists2 = (new File("/sdcard/androshark/")).exists();
		        if (exists2) {
		     

		        } else {
		        	if (android.os.Environment.getExternalStorageState().equals( 
		        			android.os.Environment.MEDIA_MOUNTED)) {
		        	
					   Process myproc = null;
				      
					       try
					       {
										 myproc = Runtime.getRuntime().exec(new String[] {"su", "-c","chmod 755 /data/data/net.andirc.androshark/files/sharktap && mkdir /sdcard/androshark/"});					 
								         	new AlertDialog.Builder(this)  
										       .setMessage("This is a beta trial version of androshark and will expire on May 15th 2010. This app can potentially consume a lot of sdcard space, depending on how long you allow it to sniff traffic and how much bandwidth you are using.")
										       .setPositiveButton("OK", null)
										       .show();
					       }
					        
					       catch (Exception ex)
					       {
					               Log.e("yourTag", "Oops something happened: " + ex.getMessage(), ex);
					       }

					       finally {}
		        	} else {
			         	new AlertDialog.Builder(this)  
					       .setMessage("Error sd01: sdCard not found!")
					       .setPositiveButton("OK", null)
					       .show();
		        	}
		        }
		        
		        if (epoch >= 1273990849) { // May 15th 2010  1273990849
			      System.exit(0);
		        } 

	    } 
		   
		   
			public void onClick(View v) {
				
			   Process myproc = null;
		      
			       try
			       {

						if (v == btnStart) {
							if (android.os.Environment.getExternalStorageState().equals( 
				        			android.os.Environment.MEDIA_MOUNTED)) {
								
							
								 myproc = Runtime.getRuntime().exec(new String[] {"su", "-c", "kill $(ps | grep sharktap | tr -s  ' ' | cut -d ' ' -f2) && /data/data/net.andirc.androshark/files/sharktap -vv -s 0 -w /sdcard/androshark/dump.pcap"});


								 
							        TextView txtStatus = 
								    (TextView)  this.findViewById(R.id.txtStatus); 
								    txtStatus.setText("Status: Running"); 
								        
							        TextView txtFilename = 
									(TextView)  this.findViewById(R.id.txtFilename); 
							        txtFilename.setText("Filename: /sdcard/androshark/dump.pcap"); 
							        
							    /*      int running = 1;
							          do {
							        	  File file = new File("/sdcard/androshark/dump.pcap");
											long length = file.length();
									        TextView txtFilesize = 
											(TextView)  this.findViewById(R.id.txtFilesize); 
										    txtFilesize.setText("File Size: " + length/1024 + "KB");
							          } while (running <= 1); */
								} else {
						         	new AlertDialog.Builder(this)  
								       .setMessage("Error sd02: sdCard not found!")
								       .setPositiveButton("OK", null)
								       .show();	
								}
							        
							        
							 } else if (v == btnStop) {
				
								 myproc = Runtime.getRuntime().exec(new String[] {"su", "-c", "kill $(ps | grep sharktap | tr -s  ' ' | cut -d ' ' -f2)"});
								 myproc.waitFor();
								 
								 File file = new File("/sdcard/androshark/dump.pcap");
								 long length = file.length();

								 
							        TextView txtStatus = 
								    (TextView)  this.findViewById(R.id.txtStatus); 
								    txtStatus.setText("Status: Stopped");
							        TextView txtFilesize = 
									(TextView)  this.findViewById(R.id.txtFilesize); 
							        txtFilesize.setText("File Size: " + length/1024 + "KB");
							 } 

			       }
			        
			       catch (Exception ex)
			       {
			               Log.e("yourTag", "Oops something happened: " + ex.getMessage(), ex);
			       }

			       finally {} 
		  


		}
		   
		
		   
	}
 
  • Like
Reactions: Appumon123

Top Liked Posts

  • There are no posts matching your filters.
  • 15
    There were AndroShark, tool for capturing traffic on Android. But there were no newer releases and it seems that original developer dropped project. I liked this tool and used it a lot. But it was set to expire... So there was no simple capture tools available... http://forum.xda-developers.com/showthread.php?t=675206 is home of AndroShark.

    So I made Shark for Root, alternative for AndroShark. Some people asked for possibility to see packets on phone, and for that purpose SharkReader has created (first, "quick and dirty" release).

    Shark for Root

    With tcpdump http://swapper.n3o.lv/lv.n3o.shark_1.0.2.apk
    Native http://swapper.n3o.lv/lv.n3o.sharknative_1.0.2.apk


    SharkReader - unstable...
    (note - run Shark Updater to get traffic analysator)

    http://swapper.n3o.lv/lv.n3o.sharkreader_0.1.6.apk

    Older versions http://swapper.n3o.lv/
    1
    Could someone tell about using different parameters or point me to some website where i could study these?(now i got the defaults)

    And when i open Shark reader i see many "RAW Packet" but i cant get any information from them, just "Packet #number".
    .pcap files are fine when i open them with Wireshark.

    At the bottom i see this: -NULL , what else i can use here and how it effects?

    Interesting app, keep up the good work!:)
    1
    ex87,

    Awesome work bro, life got too busy for me to work more on AndroShark, I really didn't drop it on purpose. But with a busy life, and me still really new at java, it was just too much. I am really glad you picked up the idea and ran with it.

    Do you have any plans to opensource it at all (no worries if you dont)? I would like to be a contributor if you do decide to open source it.

    I really doubt this is of any use. It was the second java app I ever worked on, and was really just a front end. Below is androshark source code. Like I said, this was my second attempt at writing an app, so please don't laugh :) If I were to do it today, I would completely change how it worked. /res/raw/sharktap was just tcpdump.


    Code:
    import java.io.BufferedReader;
    import java.io.File;
    import java.io.FileOutputStream;
    import java.io.InputStream;
    import android.app.Activity;
    import android.app.AlertDialog;
    import android.os.Bundle;
    import android.util.Log;
    import android.view.View;
    import android.widget.Button;
    import android.widget.RadioButton;
    import android.widget.RadioGroup;
    import android.widget.TextView;
    /**
     * ToDo:
     * Check for root
     * Check for first run
     * 		Install Binaries on first run
     * Check for sdcard mount
     * Display file stats
     * Name pcap based on file name
     * Insert License 
     * kill sharktap on die
     * 
     * @author jcase
     *
     */
    
    
    	public class androshark extends Activity implements /*RadioGroup.OnCheckedChangeListener,*/  Button.OnClickListener  {
    		Button btnStart, btnStop;
    		RadioButton radAll, rad3g, radWifi; //http://java.dzone.com/articles/google-android-tutorial?page=0,4
    	    RadioGroup grpRadio;
    	    TextView txtStatus, txtFilename, txtFilesize;
    	    
          
           
    	    
    		/** Called when the activity is first created. */
    		   @Override
    		   
    		   
    		   
    		   public void onCreate(Bundle savedInstanceState) {
    		       super.onCreate(savedInstanceState);
    		        setContentView(R.layout.main);
    		        btnStart = (Button)this.findViewById(R.id.btnStart);
    		        btnStart.setOnClickListener(this);
    		        btnStop = (Button)this.findViewById(R.id.btnStop);
    		        btnStop.setOnClickListener(this);
    		        long epoch = System.currentTimeMillis()/1000;
    
    		        
    		     
    		        boolean exists = (new File("/data/data/net.andirc.androshark/files/sharktap")).exists();
    		        if (exists) {
    		        } else {
    					   Process myproc = null;
    					       try
    					       {
    									     try{
    									    	    String strDirectoy ="/data/data/net.andirc.androshark/files";
    									    	    new File(strDirectoy).mkdir();
    
    									     }
    									     finally {} 
    										 InputStream ins = getResources().openRawResource(R.raw.sharktap);
    										 int size = ins.available();
    										 byte[] buffer = new byte[size];
    										 ins.read(buffer);
    										 ins.close(); 
    										 FileOutputStream fos = new FileOutputStream("/data/data/net.andirc.androshark/files/sharktap");
    										 fos.write(buffer);
    										 fos.close();
    			 
    					       }
    					        
    					       catch (Exception ex)
    					       {
    					               Log.e("yourTag", "Oops something happened: " + ex.getMessage(), ex);
    					       }
    
    					       finally {}
    		        	
    		        }
    		        
    		        boolean exists2 = (new File("/sdcard/androshark/")).exists();
    		        if (exists2) {
    		     
    
    		        } else {
    		        	if (android.os.Environment.getExternalStorageState().equals( 
    		        			android.os.Environment.MEDIA_MOUNTED)) {
    		        	
    					   Process myproc = null;
    				      
    					       try
    					       {
    										 myproc = Runtime.getRuntime().exec(new String[] {"su", "-c","chmod 755 /data/data/net.andirc.androshark/files/sharktap && mkdir /sdcard/androshark/"});					 
    								         	new AlertDialog.Builder(this)  
    										       .setMessage("This is a beta trial version of androshark and will expire on May 15th 2010. This app can potentially consume a lot of sdcard space, depending on how long you allow it to sniff traffic and how much bandwidth you are using.")
    										       .setPositiveButton("OK", null)
    										       .show();
    					       }
    					        
    					       catch (Exception ex)
    					       {
    					               Log.e("yourTag", "Oops something happened: " + ex.getMessage(), ex);
    					       }
    
    					       finally {}
    		        	} else {
    			         	new AlertDialog.Builder(this)  
    					       .setMessage("Error sd01: sdCard not found!")
    					       .setPositiveButton("OK", null)
    					       .show();
    		        	}
    		        }
    		        
    		        if (epoch >= 1273990849) { // May 15th 2010  1273990849
    			      System.exit(0);
    		        } 
    
    	    } 
    		   
    		   
    			public void onClick(View v) {
    				
    			   Process myproc = null;
    		      
    			       try
    			       {
    
    						if (v == btnStart) {
    							if (android.os.Environment.getExternalStorageState().equals( 
    				        			android.os.Environment.MEDIA_MOUNTED)) {
    								
    							
    								 myproc = Runtime.getRuntime().exec(new String[] {"su", "-c", "kill $(ps | grep sharktap | tr -s  ' ' | cut -d ' ' -f2) && /data/data/net.andirc.androshark/files/sharktap -vv -s 0 -w /sdcard/androshark/dump.pcap"});
    
    
    								 
    							        TextView txtStatus = 
    								    (TextView)  this.findViewById(R.id.txtStatus); 
    								    txtStatus.setText("Status: Running"); 
    								        
    							        TextView txtFilename = 
    									(TextView)  this.findViewById(R.id.txtFilename); 
    							        txtFilename.setText("Filename: /sdcard/androshark/dump.pcap"); 
    							        
    							    /*      int running = 1;
    							          do {
    							        	  File file = new File("/sdcard/androshark/dump.pcap");
    											long length = file.length();
    									        TextView txtFilesize = 
    											(TextView)  this.findViewById(R.id.txtFilesize); 
    										    txtFilesize.setText("File Size: " + length/1024 + "KB");
    							          } while (running <= 1); */
    								} else {
    						         	new AlertDialog.Builder(this)  
    								       .setMessage("Error sd02: sdCard not found!")
    								       .setPositiveButton("OK", null)
    								       .show();	
    								}
    							        
    							        
    							 } else if (v == btnStop) {
    				
    								 myproc = Runtime.getRuntime().exec(new String[] {"su", "-c", "kill $(ps | grep sharktap | tr -s  ' ' | cut -d ' ' -f2)"});
    								 myproc.waitFor();
    								 
    								 File file = new File("/sdcard/androshark/dump.pcap");
    								 long length = file.length();
    
    								 
    							        TextView txtStatus = 
    								    (TextView)  this.findViewById(R.id.txtStatus); 
    								    txtStatus.setText("Status: Stopped");
    							        TextView txtFilesize = 
    									(TextView)  this.findViewById(R.id.txtFilesize); 
    							        txtFilesize.setText("File Size: " + length/1024 + "KB");
    							 } 
    
    			       }
    			        
    			       catch (Exception ex)
    			       {
    			               Log.e("yourTag", "Oops something happened: " + ex.getMessage(), ex);
    			       }
    
    			       finally {} 
    		  
    
    
    		}
    		   
    		
    		   
    	}
    1
    Can some please explain in lamon terms what this does? :confused:

    LOL this is nothing like that my friend.. nothing at all

    Apparently you know, and still haven't helped those of us who have no idea what this app is for! :p
    1
    How can I keep the app running even when I have closed the window??
    Is there a way of keeping the application running for like good half an hour in the background so that I can do other things with my phone at the same time??
    It's not possible yet by using only this app, but planning to be on next release (running app as an service).
    Meanwhile you may try some memory optimization applications which can set killing priorities for applications.