<?xml version="1.0" ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>androiddump - The Wireshark Network Analyzer 3.0.9</title> <link rel="stylesheet" href="ws.css" type="text/css" /> <meta http-equiv="content-type" content="text/html; charset=utf-8" /> <link rev="made" href="mailto:root@localhost" /> </head> <body> <h1 id="NAME">NAME</h1> <p>androiddump - Provide interfaces to capture from Android devices</p> <h1 id="SYNOPSIS">SYNOPSIS</h1> <p><b>androiddump</b> <span style="white-space: nowrap;">[ <b>--help</b> ]</span> <span style="white-space: nowrap;">[ <b>--version</b> ]</span> <span style="white-space: nowrap;">[ <b>--extcap-version</b> ]</span> <span style="white-space: nowrap;">[ <b>--debug</b> ]</span> <span style="white-space: nowrap;">[ <b>--extcap-interfaces</b> ]</span> <span style="white-space: nowrap;">[ <b>--extcap-dlts</b> ]</span> <span style="white-space: nowrap;">[ <b>--extcap-interface</b>=<interface> ]</span> <span style="white-space: nowrap;">[ <b>--extcap-config</b> ]</span> <span style="white-space: nowrap;">[ <b>--capture</b> ]</span> <span style="white-space: nowrap;">[ <b>--fifo</b>=<path to file or pipe> ]</span> <span style="white-space: nowrap;">[ <b>--adb-server-ip</b>=<IP address> ]</span> <span style="white-space: nowrap;">[ <b>--adb-server-tcp-port</b>=<TCP port> ]</span> <span style="white-space: nowrap;">[ <b>--logcat-text</b>=<TRUE or FALSE> ]</span> <span style="white-space: nowrap;">[ <b>--bt-server-tcp-port</b>=<TCP port> ]</span> <span style="white-space: nowrap;">[ <b>--bt-forward-socket</b>=<TRUE or FALSE> ]</span> <span style="white-space: nowrap;">[ <b>--bt-local-ip</b>=<IP address> ]</span> <span style="white-space: nowrap;">[ <b>--bt-local-tcp-port</b>=<TCP port> ]</span></p> <p><b>androiddump</b> <span style="white-space: nowrap;"> <b>--extcap-interfaces</b> </span> <span style="white-space: nowrap;">[ <b>--adb-server-ip</b>=<IP address> ]</span> <span style="white-space: nowrap;">[ <b>--adb-server-tcp-port</b>=<TCP port> ]</span></p> <p><b>androiddump</b> <span style="white-space: nowrap;"> <b>--extcap-interface</b>=<interface> </span> <span style="white-space: nowrap;">[ <b>--extcap-dlts</b> ]</span></p> <p><b>androiddump</b> <span style="white-space: nowrap;"> <b>--extcap-interface</b>=<interface> </span> <span style="white-space: nowrap;">[ <b>--extcap-config</b> ]</span></p> <p><b>androiddump</b> <span style="white-space: nowrap;"> <b>--extcap-interface</b>=<interface> </span> <span style="white-space: nowrap;"> <b>--fifo</b>=<path to file or pipe> </span> <span style="white-space: nowrap;"> <b>--capture</b> </span></p> <h1 id="DESCRIPTION">DESCRIPTION</h1> <p><b>Androiddump</b> is a extcap tool that provide interfaces to capture from Android device. There is only two requirements:</p> <p>1. You must have Android SDK and add it PATH environment variable. PATH should contain directory with tools like "adb" and "android". Android SDK for various platform are available on: https://developer.android.com/sdk/index.html#Other</p> <p>2. You must have permission to Android devices. Some Android devices requires on-screen authentication.</p> <p>Supported interfaces:</p> <dl> <dt id="Logcat-Main-binary-Jelly-Bean-or-text">1. Logcat Main (binary [<=Jelly Bean] or text)</dt> <dd> </dd> <dt id="Logcat-System-binary-Jelly-Bean-or-text">2. Logcat System (binary [<=Jelly Bean] or text)</dt> <dd> </dd> <dt id="Logcat-Events-binary-Jelly-Bean-or-text">3. Logcat Events (binary [<=Jelly Bean] or text)</dt> <dd> </dd> <dt id="Logcat-Radio-binary-Jelly-Bean-or-text">4. Logcat Radio (binary [<=Jelly Bean] or text)</dt> <dd> </dd> <dt id="Logcat-Crash-text-from-Lollipop">5. Logcat Crash (text; from Lollipop)</dt> <dd> </dd> <dt id="Bluetooth-Hcidump-Jelly-Bean">6. Bluetooth Hcidump [<=Jelly Bean]</dt> <dd> </dd> <dt id="Bluetooth-Bluedroid-External-Parser-Kitkat">7. Bluetooth Bluedroid External Parser [Kitkat]</dt> <dd> </dd> <dt id="Bluetooth-BtsnoopNet-Lollipop">8. Bluetooth BtsnoopNet [>=Lollipop]</dt> <dd> </dd> <dt id="WiFi-tcpdump-need-tcpdump-on-phone">9. WiFi tcpdump [need tcpdump on phone]</dt> <dd> </dd> </dl> <p>Please note that it will work also for FirefoxOS or other Android-based stuffs.</p> <h1 id="OPTIONS">OPTIONS</h1> <dl> <dt id="help">--help</dt> <dd> <p>Print program arguments.</p> </dd> <dt id="version">--version</dt> <dd> <p>Print program version.</p> </dd> <dt id="extcap-version">--extcap-version</dt> <dd> <p>Print extcapized version.</p> </dd> <dt id="debug">--debug</dt> <dd> <p>Print additional messages.</p> </dd> <dt id="extcap-interfaces">--extcap-interfaces</dt> <dd> <p>List available interfaces.</p> </dd> <dt id="extcap-interface-interface">--extcap-interface=<interface></dt> <dd> <p>Use specified interfaces.</p> </dd> <dt id="extcap-dlts">--extcap-dlts</dt> <dd> <p>List DLTs of specified interface.</p> </dd> <dt id="extcap-config">--extcap-config</dt> <dd> <p>List configuration options of specified interface.</p> </dd> <dt id="capture">--capture</dt> <dd> <p>Start capturing from specified interface save saved it in place specified by --fifo.</p> </dd> <dt id="fifo-path-to-file-or-pipe">--fifo=<path to file or pipe></dt> <dd> <p>Save captured packet to file or send it through pipe.</p> </dd> <dt id="adb-server-ip-IP-address">--adb-server-ip=<IP address></dt> <dd> <p>Use other then default (127.0.0.1) ADB daemon's IP address.</p> </dd> <dt id="adb-server-tcp-port-TCP-port">--adb-server-tcp-port=<TCP port></dt> <dd> <p>Use other then default (5037) ADB daemon's TCP port.</p> </dd> <dt id="logcat-text-TRUE-or-FALSE">--logcat-text=<TRUE or FALSE></dt> <dd> <p>If TRUE then use text logcat rather then binary. This option has effect only on Logcat interfaces. This have no effect from Lollipop where is no binary Logcat available.</p> <p>Defaults to FALSE.</p> </dd> <dt id="bt-server-tcp-port-TCP-port">--bt-server-tcp-port=<TCP port></dt> <dd> <p>Use other then default Bluetooth server TCP port on Android side. On Lollipop defaults is 8872, earlier 4330.</p> </dd> <dt id="bt-forward-socket-TRUE-or-FALSE">--bt-forward-socket=<TRUE or FALSE></dt> <dd> <p>If TRUE then socket from Android side is forwarded to host side.</p> <p>Defaults to FALSE.</p> </dd> <dt id="bt-local-ip-IP-address">--bt-local-ip=<IP address></dt> <dd> <p>Use other then default (127.0.0.1) IP address on host side for forwarded socket.</p> </dd> <dt id="bt-local-tcp-port-TCP-port">--bt-local-tcp-port=<TCP port></dt> <dd> <p>Specify port to be used on host side for forwarded socket.</p> </dd> </dl> <h1 id="EXAMPLES">EXAMPLES</h1> <p>To see program arguments:</p> <pre><code> androiddump --help</code></pre> <p>To see program version:</p> <pre><code> androiddump --version</code></pre> <p>To see interfaces:</p> <pre><code> androiddump --extcap-interfaces Example output: interface {display=Android Logcat Main unknown MSM7627A}{value=android-logcat-main-MSM7627A} interface {display=Android Logcat System unknown MSM7627A}{value=android-logcat-system-MSM7627A} interface {display=Android Logcat Radio unknown MSM7627A}{value=android-logcat-radio-MSM7627A} interface {display=Android Logcat Events unknown MSM7627A}{value=android-logcat-events-MSM7627A} interface {display=Android Bluetooth Hcidump unknown MSM7627A}{value=android-bluetooth-hcidump-MSM7627A} Human-readable display name of interfaces contains interface type, one of: android-logcat-main (Android Logcat Main) android-logcat-system (Android Logcat System) android-logcat-radio (Android Logcat Radio) android-logcat-events (Android Logcat Events) android-logcat-text-main (Android Logcat Main) android-logcat-text-system (Android Logcat System) android-logcat-text-radio (Android Logcat Radio) android-logcat-text-events (Android Logcat Events) android-logcat-text-crash (Android Logcat Crash) android-bluetooth-hcidump (Android Bluetooth Hcidump) android-bluetooth-external-parser (Android Bluetooth External Parser) android-bluetooth-btsnoop-net (Android Bluetooth Btsnoop Net) android-wifi-tcpdump (Android WiFi) Then Android Device's name if available, otherwise "unknown". Last part of it is DeviceID - the identificator of the device provided by Android SDK (see "adb devices"). For example: "Android Logcat Main unknown MSM7627A" "Android Logcat Main" - user-friendly type of interface "unknown" - name of Android Device "MSM7627A" - device ID</code></pre> <p>To see interface DLTs:</p> <pre><code> androiddump --extcap-interface=android-bluetooth-hcidump-MSM7627A --extcap-dlts Example output: dlt {number=99}{name=BluetoothH4}{display=Bluetooth HCI UART transport layer plus pseudo-header}</code></pre> <p>To see interface configuration options:</p> <pre><code> androiddump --extcap-interface=android-bluetooth-hcidump-MSM7627A --extcap-config Example output: arg {number=0}{call=--adb-server-ip}{display=ADB Server IP Address}{type=string}{default=127.0.0.1} arg {number=1}{call=--adb-server-tcp-port}{display=ADB Server TCP Port}{type=integer}{range=0,65535}{default=5037}</code></pre> <p>To capture:</p> <pre><code> androiddump --extcap-interface=android-bluetooth-hcidump-MSM7627A --fifo=/tmp/bluetooth.pcapng --capture</code></pre> <p>NOTE: To stop capturing CTRL+C/kill/terminate application.</p> <h1 id="SEE-ALSO">SEE ALSO</h1> <p>wireshark(1), tshark(1), dumpcap(1), extcap(4)</p> <h1 id="NOTES">NOTES</h1> <p><b>Androiddump</b> is part of the <b>Wireshark</b> distribution. The latest version of <b>Wireshark</b> can be found at <a href="https://www.wireshark.org">https://www.wireshark.org</a>.</p> <p>HTML versions of the Wireshark project man pages are available at: <a href="https://www.wireshark.org/docs/man-pages">https://www.wireshark.org/docs/man-pages</a>.</p> <h1 id="AUTHORS">AUTHORS</h1> <pre><code> Original Author -------- ------ Michal Labedzki <michal.labedzki[AT]tieto.com> Contributors ------------ Roland Knall <rknall[AT]gmail.com></code></pre> </body> </html>