I have tcpdump installed on my iPad which is connected to WiFi (WPA2). How do I capture packets sent/received by other devices on same network? UPD: iPad 1st gen, latest (5.1.x) iOS available.
Asked
Active
Viewed 5,269 times
1
-
Step 1: Get a computer that runs Windows or Linux. – KnightOfNi Mar 22 '14 at 16:59
-
Windows won't help much if he wants to use tcpdump; that uses WinPcap, which doesn't do monitor mode. Microsoft Network Monitor or some other such sniffer would be necessary. – Mar 22 '14 at 21:09
-
"I have tcpdump installed on my iPad which is connected to WiFi (WPA2). How do I capture packets sent/received by other devices on same network?" Presumably by "capture" you mean "capture to a file to read with a tool such as Wireshark", as tcpdump doesn't include any code to decrypt WPA/WPA2 traffic. – Mar 22 '14 at 21:12
-
http://dilbert.com/strips/comic/1995-06-24/ It's a 20 year old comic that sadly answers your question. – John Deters Mar 23 '14 at 01:18
1 Answers
1
In order to capture network traffic for other hosts you need to put your wireless device into monitor mode.
I would check out the following project on github - MonMob. If you update your question with some more specifics on your iOS/iPad and jailbreak information I will try to provide some more specific resources.
Eric G
- 9,771
- 5
- 33
- 60
-
-
Please add any specifics to your jailbreak setup. Also, have you tried to use tcpdump yet? If you are getting errors, please update with this information. If you have not yet tried, follow the guides and help and then let us know if there are any errors - please also confirm you can capture network traffic from another device to ensure your network is working. The more info you put in your question, the more we can help. – Eric G Mar 22 '14 at 15:23
-
Well, the problem is, I don't see pages requested, and I don't see any traffic going through port 80, even though I am browsing internet while capturing. Only traffic I see is one generated by same device. – RomaValcer Mar 22 '14 at 16:26