Monitor iphone application api calls - iphone

I was wondering if there is any way to monitor 3rd party iphone applications' api calls? For instance if application access address book is there a way to monitor that or intercept call? I understand it may not be possible to do so without jail-breaking, but is even possibility after having jail broken the phone?
Thanks!

Yes..
Download the mitmproxy tool and set it up by going to the folder of
mitmproxy and running sudo python setup.py install. If all goes well,
mitmproxy must be available in your $PATH.
Start mitmproxy by running
mitmproxy.
Obtain the IP address of your computer by running ifconfig
en1 (or whatever is the interface that you are using).
Set the proxy
on your iPhone by going to your wireless settings, setting the proxy
to be “Manual”, and set the IP to be your computer’s IP and the port
as 8080.
Source and awesome use case...
http://mclov.in/2012/02/08/path-uploads-your-entire-address-book-to-their-servers.html

No there isn't.
You can howerver, starting in iOS4, see what apps have used location services (you can find this in settings.app).

If you jailbreak the phone, you can replace the frameworks and add any required logging. It's going to be pretty difficult to do, though.

Related

Fiddler 4-iOS 10.2.1 cannot reach internet after configure proxy

I am following this instruction http://docs.telerik.com/fiddler/Configure-Fiddler/Tasks/ConfigureForiOS. Everything works until section Set the iOS Device Proxy.
Once I set the proxy on my iPhone, I can't connect to the internet from the phone anymore. Not even accessing the echo page, which I could access before turning on the proxy on the phone. I already installed the root cert on my phone, the makecert add-on on Fiddler
Could someone help with ideas to diagnose the issue here? Thanks,
What might be stopping your iphone from reaching your Fiddler machine on the port specified, usually 8888?
Have you a firewall on the Fiddler machine? You might need to open
the port.
Does your LAN have an automatic redirect to a login page? Ours
does, so I have to disable the proxy on the iphone while I login,
then reenable it.
Does your LAN expose the IPs of cable-connected machines to WIFI
users? Not all do.
Can you browse a simple web page on your Fiddler machine from your
iphone, before starting fiddler or doing any proxy configuration?
You might need to get really serious and install a ping utility on the iphone.

Debugging network connections on the iPad. Any tools or techniques?

I'm trying to get my iPad (3rd gen) to access a website on my workstation over an https connection (though I should perhaps mention I cannot connect to it over HTTP either). The aim is to have a working demo of two-way authentication with certificates.
I've installed the client cert on the iPad and a number of Windows and OSX machines on our network. But the iPad seems to be having trouble getting the IP from the local DNS server or perhaps hitting the DNS server at all. As there doesn't seem to be a Hosts file or any way of debugging the network side of the iPad I'm a bit stuck.
Does anyone have any hints/tips/tools that could make my life half-way bearable?
Unfortunately things like you mention aren't built in in iOS. I would have a look in the App Store and get an app to perform pings and do DNS lookups. Maybe NetTools could work for you?

How can I find the IP of a network service from the iPhone

I want to use some sort of nmap-like functionality to autodiscover a ASP.NET web server (running on port 443) somewhere on the network. This way users don't have to find and enter the IP manually. Is there a good/clean way to do this?
Thanks to #ceejaoz's comment above, I was able to do this pretty easily in Bonjour.
I used Mono.Zeroconf, a .NET/Mono Bonjour library, to advertise the service, and the default iOS NSNetService stuff to resolve it on the iPhone. (There's plenty of tutorials on how to do this around the nets).
I made a Windows Service in Visual Studio to actually run the code that advertises the ip and port, since a web service isn't really a good place for that.
One big caveat (as of December 2010): the Bonjour DLLs that come with Mono.Zeroconf are totally broken (no errors, they just don't do anything). Steal the ones from Pidgin instead.

iPhone - access XAMPP server (localhost) on my mac in the same network

I want to create an iPhone app which makes calls to a web service. For testing, I want to first create the API calls on my mac (server running XAMPP) and if it works fine there I want to port it to the actual server.
If my iPhone and mac are on the same network, can I access the web service using the IP address of my mac?
Thanks.
Any time someone answers with "why not," ignore the post. This just takes up space and adds absolutely no value...their post imitating their life.
Anyway, I access my laptop localhost (WAMP stack) from my iPod Touch by entering the IP address of my laptop on my Touch location bar. There is some configuration that needs to happen for this to work. I found what I needed at:
http://www.frihost.com/forums/vt-88381.html
Good Luck!
I can not speak about actual development, however I access intranet pages from a Ipod Touch all the time by either typing http ://ip or http://local_dns_name
As long as the iphone / ipod is on the network correctly (e.g. through standard wifi and not 3g/whatever) you should be able to access any and all local resources.
What I do:
Connected to the same network, I go in to the wireless settings and create a manual proxy that points to my machine. I use Charles proxy for testing a lot/seeing traffic, works like a charm and it lets me use my macbook hosts file so I don't need to do any funky listening rules in apache - just the same vhost settings I use on my machine already.
http://www.charlesproxy.com/documentation/faqs/using-charles-from-an-iphone/
Why not?
Have you tried it and have some problems?

How do you monitor network traffic on the iPhone? [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
We don’t allow questions seeking recommendations for books, tools, software libraries, and more. You can edit the question so it can be answered with facts and citations.
Closed 6 years ago.
The community reviewed whether to reopen this question 9 months ago and left it closed:
Original close reason(s) were not resolved
Improve this question
We are looking for a Wireshark-like tool to use on the iPhone to test a 3rd party application before partnering with the 3rd party. Any suggestions?
A man-in-the-middle proxy, like suggested by other answers, is a good solution if you only want to see HTTP/HTTPS traffic.
The best solution for packet sniffing (though it only works for actual iOS devices, not the simulator) I've found is to use rvictl. This blog post has a nice writeup. Basically you do:
rvictl -s <iphone-uid-from-xcode-organizer>
Then you sniff the interface it creates with with Wireshark (or your favorite tool), and when you're done shut down the interface with:
rvictl -x <iphone-uid-from-xcode-organizer>
This is nice because if you want to packet sniff the simulator, you're having to wade through traffic to your local Mac as well, but rvictl creates a virtual interface that just shows you the traffic from the iOS device you've plugged into your USB port.
Note: this only works on a Mac.
You didnt specify the platform you use, so I assume it's a Mac ;-)
What I do is use a proxy. I use SquidMan, a standalone implementation of Squid
I start SquidMan on the Mac, then on the iPhone I enter the Proxy params in the General/Wifi Settings.
Then I can watch the HTTP trafic in the Console App, looking at the squid-access.log
If I need more infos, I switch to tcpdump, but I suppose WireShark should work too.
I use Charles Web Debugging Proxy it costs but they have a trial version.
It is very simple to set up if your iPhone/iPad share the same Wifi network as your Mac.
Install Charles on your Mac
Get the IP address for your Mac - use the Mac "Network utility"
On your iPhone/iPad open the Wifi settings and under the "HTTP
Proxy" change to manual and enter the IP from step (2) and then Port
to 8888 (Charles default Port)
Open Charles and under the Proxy Settings dialogmake sure the
“Enable Mac OS X Proxy” and “Use HTTP Proxy” are ticked
You should now see the traffic appearing within Charles
If you want to look at HTTPS traffic you need to do the additional 2 steps download the
Charles Certificate Bundle and then email the .crt file to your
iPhone/iPad and install.
In the Proxy Settings Dialog SSL tab, add the specific https top
level domains you want to sniff with port 443.
If your Mac and iOS device are not on the same Wifi network you can set up your Mac as a Wifi router using the "Internet Sharing" option under Sharing in the System Preferences. You then connect your device to that "Wifi" network and follow the steps above.
Run it through a proxy and monitor the traffic using Wireshark.
For Mac OS X
Install Charles Proxy
In Charles go to Proxy > Proxy Settings. It should display the HTTP proxy port (it's 8888 by default).
For Windows
Install Fiddler2
Tools -> Fiddler Options -> Connections and check "Allow remote computers to connect"
General Setup
Go to Settings > Wifi > The i symbol > At the bottom Proxy > Set to manual and then for the server put the computer you are working on IP address, for port put 8888 as that is the default for each of these applications
ARP Spoofing
General notes for the final section, if you want to sniff all the network traffic would be to use ARP spoofing to forward all the traffic from your iOS to a laptop/desktop. There are multiple tools to ARP spoof and research would need to be done on all the specifics. This allows you to see every ounce of traffic as your router will route all data meant for the iOS device to the laptop/desktop and then you will be forwarding this data to the iOS device (automatically).
Please note I only recommend this as a last resort.
On a jailbroken iPhone/iPod capturing traffic is done nicely by both "tcpdump" and "pirni"- available in the cydia repository. Analysis of these data are done by tranfering the capture over to another machine and using something like wireshark. However, given the active development that seems to be going on with these tools it's possible that soon the iPhone will handle it all.
The best solution I have found that Works:
Connect your device thru USB
And type these commands:
rvictl -s UDID - (id of device 20 chars, you can locate 4t in iTunes or organiser in Xcode)
sudo launchctl list com.apple.rpmuxd
sudo tcpdump -n -t -i rvi0 -q tcp
OR just sudo tcpdump -i rvi0 -n
If rvictl is not working install Xcode
For more info:
Remote Virtual Interface
http://useyourloaf.com/blog/2012/02/07/remote-packet-capture-for-ios-devices.html
Without knowing exactly what your requirements are, here's what I did to see packts go by from the iPhone: Connect a mac on ethernet, share its network over airport and connect the iPhone to that wireless network. Run Wireshark or Packet Peeper on the mac.
Here is another way http://www.tuaw.com/2011/02/21/how-to-inspect-ioss-http-traffic-without-spending-a-dime/
I didn't see Roger Nolan's reply, the above link is same workflow with a different tool.
Depending on what you want to do runnning it via a Proxy is not ideal. A transparent proxy might work ok as long as the packets do not get tampered with.
I am about to reverse the GPS data that gets transferred from the iPhone to the iPad on iOS 4.3.x to get to the the vanilla data the best way to get a clean Network Dump is to use "tcpdump" and/or "pirni" as already suggested.
In this particular case where we want the Tethered data it needs to be as transparent as possible. Obviously you need your phone to be JailBroken for this to work.
Try Debookee on Mac OS X which will intercept transparently the traffic of your iPhone without need of a proxy, thanks to MITM, as stated before.
You'll then see in real time the different protocols used by your device.
Disclaimer: I'm part of the development team of Debookee, which is a paid application. The trial version will show you all functionnalities for a limited time.
A general solution would be to use a linux box (could be in a virtual machine) configured as a transparent proxy to intercept the traffic, and then analyse it using wireshark or tcpdump or whatever you like. Perhaps MacOS can do this also, I haven't tried.
Or if you can run the app in the simulator, you can probably monitor the traffic on your own machine.
Com'on, no mention of Fiddler? Where's the love :)
Fiddler is a very popular HTTP debugger aimed at developers and not network admins (i.e. Wireshark).
Setting it up for iOS is fairly simple process. It can decrypt HTTPS traffic too!
Our mobile team is finally reliefed after QA department started using Fiddler to troubleshoot issues. Before fiddler, people fiddled around to know who to blame, mobile team or APIs team, but not anymore.