i have iphone 3 with OS4 (not jailbreaked) and i want to inspect some apps http request urls , i tried fiddler but its not worked , anyone has idea? is the device must be jail breaked? i got ubuntu / windows so i can use one of them , if anyone knows how to do it please answer
If the device is using WiFi and you have a Wireless Network card that can enter promiscuous mode then you can use WireShark to sniff the raw packets. Use Follow TCP Stream to reconstruct the HTTP requests. More information can be found at http://www.wireshark.org
Another option is to force your device to use an HTTP Proxy and then inspect that traffic. There is a guide to doing this here: http://blog.jerodsanto.net/2009/06/sniff-your-iphones-network-traffic/
There is also a similar question here that should be helpful: iPhone and WireShark
Related
I've got quite a bit of experience using Charles to sniff out traffic being sent out on my iPhones. Almost every app that I choose to reverse engineer has been possible in large part to cURL and Charles. But, for some reason, this one app called Link seems to have a different way of communication with their server. I looked through my entire Chalres session and didn't see any relevant traffic from this app to an API endpoint. I don't have much experience actually making mobile apps, so perhaps there are other ways to process all of the requests that have to be generated upon using the app. But, how could all of the user's data be stored if no requests are being sent from the app to an external server somewhere?
Charles is an HTTP proxy, it is possible another protocol is being used. Possibly directly using TCP/IP connections.
Wireshark will show all packets in gory detail but you will probably not be able to see encrypted data decrypted without the key.
And the Wireshark UI is something to behold. ;-)
If the app runs on SSL you wouldn't be able to sniff any traffic either way. I design my apps that way at least. Could this be the case? Does it use port 443 instead of port 80?
Okay. Have a look at this post:
http://www.doubleencore.com/2013/03/ssl-pinning-for-increased-app-security/
SSL pinning might be the answer.
I am building a free voice call application on Android. I used OpenSIPs open source to make a SIP server and successfully make a call to another phone in WIFI network. However, I couldn't make a call when the phone uses cellular network like 3G/4G. I found out that I should make a STUN and TURN server to find exact SIP address.
Someone told me that it is hard to find SIP address if the user uses 3G or 4G network. So, he said I should use SBC to redirect voice data if I want to make good connections. He said I should make redirect servers to have good quality of service.
Is it possible to make a good voice call service with OpenSIPs server? If it is true, is there voice call services who used OpenSIPs open source? I've searched all documents, but couldn't find the answer.
Thank you.
I decided to make a SIP server using FreeSwitch Open Source. It was much better than OpenSIPs. I didn't have worry about NAT problem on FreeSwitch. It is also very easy to install a SIP server on Linux. Check out the website. http://freeswitch.org/
After downloading, compiling, and installing pjsip version 2.0 (from pjsip.org) into my iPhone project, I am having the following issue:
The problem is when I am using UDP, while on 3G.
While the iPhone device is on 3G - On incoming calls, I cann't hear the other party, however the other party can hear me. On outgoing calls on 3G, however, everything works just fine.
While the phone is on Wi-Fi, everything works great, incoming, outgoing, both parties hear fine.
Also, TCP works well for all scenarios, both 3G and Wi-Fi.
Tried implementing the solutions found here: http://trac.pjsip.org/repos/wiki/audio-problem-local-no-audio
But to no avail, been scratching my head for a while on this one ...
This will most likely be a problem to do with setup on either sip endpoint side with the main cause being NAT.
I would suggest that you setup both sip endpoints with STUN, TURN and ICE. You may be able to get around most NAT problems with STUN and ICE, but without a TURN server you will not be able to get around all network problems.
If both endpoints don't support STUN, TURN and ICE (e.g. a hardware sip device), then you would normally need to setup either a B2BUA (as a media gateway) or use some sort of media gateway that the sip proxy server supports.
As to the reason why your specific setup doesn't work, it would require the pjsip logs to understand what was going on and more information about the network environment for both sip endpoints.
You should try this. Add UDP transport inside startPjsipAndRegisterOnServer method.
{
// Init transport config structure
pjsua_transport_config cfg;
pjsua_transport_config_default(&cfg);
cfg.port = 5080;
status = pjsua_transport_create(PJSIP_TRANSPORT_UDP, &cfg, NULL);
if (status != PJ_SUCCESS) error_exit("Error creating transport", status);
}
I'm discovering capability of Iphone network programing. I have already working ICMP ECHO REQUEST / REPLAY using SOCK_DGRAM. And I would like to do more stuffs. For example port scan in NMap. Yes, I can use TCP connect(). But I wanna try to send TCP SYN.
My question is, can use raw sockets ? Because Iphone doesn't have root permission. And Unix Os need permission to use raw socket. But I found somewhere, that I can use SOCK_RAW and build own IP Header. Allows this Apple ?
Thanks for any reply.
You can't do that inside the SDK. If you are building a jailbreak app you can do this without any problem, probably you will need some headers, including the UDP header and possibly some BPF if you want to sniff packets (like tcpdump, which you can find a iPhone version on Saurik's repository) that are not present on the SDK. You can just copy them from Mac OS X (/usr/include) and put them on /Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS4.2.sdk/usr/include/ for example.
I want to check the network requests an app is making from my iPhone. It's on the same WiFi network as my computer (or if it makes things easier, I can set it up to use an ad-hoc network). I don't want to see every packet, just the URLs which my iPhone is requesting. I don't care about the returned data all that much.
A simple solution would be much appreciated.
If you want to intercept the phone itself you'll need to point it at an http proxy you set up on a computer and watch the requests come through. Something like http://www.charlesproxy.com/ or there are most likely many free proxies.
Connect your computer to the rest
of your local network via Ethernet.
Turn on Internet Sharing from the
Sharing System Preference to share
your Ethernet connection via
AirPort.
Set your iPhone to
connect to the computer as its base
station.
Use Wireshark to
capture and analyze the packets.
I found a really nice repo on github named Wormholy https://github.com/pmusolino/Wormholy it will show every network request on your iphone, you only add it to your pod file and then on your app, you shake your phone and you will see all requests.
Easy to install
Transparent on your app usage
Overview and details of your request
Like so
Screenshot of wormholy usage