Is it possible to sniff packets from/to chromecast dongle while doing screen mirror? - wireshark

I want to observe streams between the original screen mirrored from and the target screen mirrored to, to check something like frame loss, thus I'm thinking to sniff packets between sender and receiver.
Are there any plugins for Wireshark which enable me to do that?

What you have to do is to route the network traffic through some network node that you can sniff on. Like your laptop.
I would connect the laptop to the Internet through ethernet and make a wifi hotspot on it. Then tell chromecast to connect to your hotspot. Now you're in the middle between chromecast and the Internet. Wireshark should be able to capture the traffic without any specific plugins.
Make sure you've enabled routing between ethernet and wifi hotspot.
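
The routing and capture steps from the answer above, as an added example that is not part of the original post. It assumes a Linux laptop with iptables and tshark installed; the interface names, the Chromecast address and the output file name are placeholders.

```shell
#!/usr/bin/env bash
# Added example, not from the original answer. Assumes Linux, iptables, tshark.
UPLINK_IF="${UPLINK_IF:-eth0}"        # assumed: wired interface with Internet access
HOTSPOT_IF="${HOTSPOT_IF:-wlan0}"     # assumed: interface running the Wi-Fi hotspot
CAST_IP="${CAST_IP:-192.168.12.50}"   # constructed: address the hotspot gave the Chromecast
DRY_RUN="${DRY_RUN:-1}"               # 1 = only print the commands, 0 = run them (needs root)

# Print each command; execute it only when DRY_RUN=0.
run() {
  echo "+ $*"
  if [ "$DRY_RUN" = "0" ]; then "$@"; fi
}

# "Enable routing between ethernet and wifi hotspot".
enable_routing() {
  run sysctl -w net.ipv4.ip_forward=1
  # NAT hotspot clients out of the wired uplink.
  run iptables -t nat -A POSTROUTING -o "$UPLINK_IF" -j MASQUERADE
  # Allow hotspot -> uplink, and only reply traffic in the other direction.
  run iptables -A FORWARD -i "$HOTSPOT_IF" -o "$UPLINK_IF" -j ACCEPT
  run iptables -A FORWARD -i "$UPLINK_IF" -o "$HOTSPOT_IF" \
      -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
}

# Remove the rules added above; assumes forwarding was off beforehand.
disable_routing() {
  run iptables -t nat -D POSTROUTING -o "$UPLINK_IF" -j MASQUERADE
  run iptables -D FORWARD -i "$HOTSPOT_IF" -o "$UPLINK_IF" -j ACCEPT
  run iptables -D FORWARD -i "$UPLINK_IF" -o "$HOTSPOT_IF" \
      -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
  run sysctl -w net.ipv4.ip_forward=0
}

# Capture only the Chromecast's traffic on the hotspot side of the laptop.
capture() {
  run tshark -i "$HOTSPOT_IF" -f "host $CAST_IP" -w chromecast.pcapng
}

# Usage: DRY_RUN=0 ./script start   (Ctrl-C ends the capture), then ... stop
case "${1:-}" in
  start) enable_routing; capture ;;
  stop)  disable_routing ;;
esac
```

With the default `DRY_RUN=1` the script only prints the commands, so the rules can be reviewed before anything on the laptop is changed.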

Related

Using WireShark to sniff network traffic of an Android device connected to a PC

I have an Android device connected to my macbook via USB. The Android device is connected to a WiFi network, the same WiFi network that my macbook is connected to.
I wish to sniff network traffic going to the Android device (using WireShark). I then wish to filter that traffic by the MQTT protocol.
So far, I have tried doing this by running adb shell ip addr from my mac terminal in order to get the ip address of the wlan0 network. I took the inet address and plugged the ip address into the display filter on WireShark like so:
ip.addr == 192.168.190.123
However, no traffic is showing on there, nothing through MQTT protocol or any other protocol, but the device is definitely making network calls.
I am incredibly naive to network stuff, so I really feel lost. Can anyone point me in the right direction?

How to capture WiFi-Direct probe request in wireshark?

I am trying to send the wifi direct probe packets using raw sockets so that mobile devices will show them in wifi direct device list.
I am trying to capture packets first in Wireshark in monitor mode in order to understand the packet structure and compare with the P2P probe request packet mentioned in Wifi Direct specification.
But I am not able to capture the correct probe packet in Wireshark. Can anyone suggest me what I am missing in my approach?
I wasn't able to capture packets with the filter wlan.addr == XX:XX:XX:XX:XX:XX (actual WiFi MAC address), as the WiFi Direct MAC address is different and the first byte was different. For example, if your WiFi MAC is 00:04:CB:CX:DE:E7 then the WiFi-Direct address is 02:04:CB:CX:DE:E7.
Also, I am able to show the device listed when I sent probe response packet to the device.

Why I can not read http request with wireshark?

I am trying to see the network traffic of my mobile device in my home WLAN network. I opened Wireshark, listening on the WLAN adapter, and entered http.request.method == "GET" in the Wireshark filter.
All I can see is the requests from my laptop and not of my mobile device.
If I enter ip.addr == 10.0.0.30 I can see the protocols BJNP, ICMP, IGMPv2 and so on.
What is the reason for this behavior?
In my opinion, if I can see a TCP IP Protocol, it should be also possible to see a HTTP request.
There are two things that need to happen in order for you to be able to sniff TCP traffic from another device:
1. Your device needs to receive the traffic you want to analyze, and
2. Your device must be configured in "promiscuous mode".
If promiscuous mode is disabled (which is the default), packets not intended for your laptop will never make it to Wireshark. They will instead be filtered out by your network adapter.
There are cases where this is not enough, for example, if you connect to a network with a layer 2 switch.
The first thing you need to ensure is that your network adapter is set to monitor or promiscuous mode, otherwise you just won't be able to see packets not meant for your NIC. Also, set your computer as an access point, and connect your phone to said access point.
If you're going to sniff HTTPS traffic don't forget to add your own certificate to the phone.

UDP Packets IOS 9 LTE Network GCDASYNCUDP

I have a basestation (beaglebone running linux) at my home which is connected to multiple cameras. I connect my iPhone iOS9 to the basestation via TCP and the basestation will stream the video of each camera to a specific UDP port. All is well.
I want to be able to see the cameras when I am not connected to the local network. When my phone is connected to LTE, I have the iPhone connecting to the public address of my router via TCP and with port forwarding, all data is forwarded to the basestation. I am connecting and talking just like it was on the local network with the TCP client. All is well.
The problem is when the video is streamed via UDP on a specific port, no different than when on the local network, the basestation has no problem sending the packets, but the iPhone is not receiving anything. I am using GCDASYNCUDPSOCKET and my cellular carrier is Verizon.
I am wondering if this issue is due to Verizon blocking UDP packets? Or possibly there needs to be something else done other than just binding the iPhone UDP socket to a specific port and calling the beginreceiving function. I feel if it works on the local network, it should work on the cellular network.
I have also tried to ping the address of my cellphone from my computer which does not work. I am guessing the reason is because the iPhone has blocked this. It should be no different than pinging the address of google or anything else.
Please give me some insight on the possible issues or work arounds. I don't think I need to port forward the UDP since it is only outgoing and my Netgear router does not limit any outbound traffic (from the router to the iPhone). I was doing all this TCP before trying to send the video via UDP. It is much slower waiting to receive acks for 5 cameras streaming live video. And when it doesn't receive a packet it backs up the buffer and causes more issues. Also I had an issue with the TCP packets combining together so then I had to implement some kind of custom ack which made the delay worse, or add an end of message, but then it slows down on parsing and since I don't know exactly what data is coming it made things more difficult.
UDP is the way to go, just cannot receive the packets at this time. My understanding is a lot of games use UDP and they work on LTE network, so I'm not quite sure what the problem is. Is there special UDP ports that only work with Verizon?

How to sense smartphones nearby?

How does euclid analytics (http://euclidanalytics.com/product/how/) get the mac addresses of nearby smartphones? (Turning wifi ap into a smartphone sensor !) Do I need to do some instrumentation work on the wifi AP? Or is there another way can achieve the same goal?
If you can sniff wireless packets, you can see every wifi device that is communicating (except if it's in sniffer mode too), so basically they are scanning for wifi signals, which you can see, but only if wifi and scanning are turned on on the phone.
Take a look at Kismet.
But you might need a wireless card that can go into sniffing mode.
