iOS抓包
1. 在mac上为iPhone或iPad建立虚拟网络接口
终端中输入(后面的参数为iPhone或iPad的UDID):
rvictl -s bffdc51b470f201972dd8f5975a321da11c9e8de
成功的话,终端显示:
Starting device bffdc51b470f201972dd8f5975a321da11c9e8de [SUCCEEDED]
2. 开始抓包
终端中输入(dump.pcap为生成的抓包文件名称,可任意命名;tcp为过滤条件,表示只抓tcp包,可也全部抓后在wireshark中再过滤)
sudo tcpdump -i rvi0 -n -s 0 -w dump.pcap tcp
成功的话,终端显示:
WARNING: Improper use of the sudo command could lead to data loss
or the deletion of important system files. Please double-check your
typing when using sudo. Type "man sudo" for more information.
To proceed, enter your password, or type Ctrl-C to abort.
Password:
输入sudo密码后,终端显示:
tcpdump: WARNING: rvi0: That device doesn't support promiscuous mode
(BIOCPROMISC: Operation not supported on socket)
tcpdump: WARNING: rvi0: no IPv4 address assigned
tcpdump: listening on rvi0, link-type PKTAP (Packet Tap), capture size 65535 bytes
此时dump.pcap文件已经生成,可以双击使用wireshark查看。
可以一边抓包,一边使用wireshark查看,只要刷新一下就可以了
3. 终端中按ctrl+C,停止抓包
成功的话,终端显示:
^C41 packets captured
80 packets received by filter
0 packets dropped by kernel