1ANDROIDDUMP(1) The Wireshark Network Analyzer ANDROIDDUMP(1)
2
3
4
6 androiddump - Provide interfaces to capture from Android devices
7
9 androiddump [ --help ] [ --version ] [ --extcap-version ] [ --debug ]
10 [ --extcap-interfaces ] [ --extcap-dlts ]
11 [ --extcap-interface=<interface> ] [ --extcap-config ] [ --capture ]
12 [ --fifo=<path to file or pipe> ] [ --adb-server-ip=<IP address> ]
13 [ --adb-server-tcp-port=<TCP port> ] [ --logcat-text=<TRUE or FALSE> ]
14 [ --bt-server-tcp-port=<TCP port> ]
15 [ --bt-forward-socket=<TRUE or FALSE> ] [ --bt-local-ip=<IP address> ]
16 [ --bt-local-tcp-port=<TCP port> ]
17
18 androiddump --extcap-interfaces [ --adb-server-ip=<IP address> ]
19 [ --adb-server-tcp-port=<TCP port> ]
20
21 androiddump --extcap-interface=<interface> [ --extcap-dlts ]
22
23 androiddump --extcap-interface=<interface> [ --extcap-config ]
24
25 androiddump --extcap-interface=<interface>
26 --fifo=<path to file or pipe> --capture
27
29 Androiddump is a extcap tool that provide interfaces to capture from
30 Android device. There is only two requirements:
31
32 1. You must have Android SDK and add it PATH environment variable.
33 PATH should contain directory with tools like "adb" and "android".
34 Android SDK for various platform are available on:
35 https://developer.android.com/sdk/index.html#Other
36
37 2. You must have permission to Android devices. Some Android devices
38 requires on-screen authentication.
39
40 Supported interfaces:
41
42 1. Logcat Main (binary [<=Jelly Bean] or text)
43 2. Logcat System (binary [<=Jelly Bean] or text)
44 3. Logcat Events (binary [<=Jelly Bean] or text)
45 4. Logcat Radio (binary [<=Jelly Bean] or text)
46 5. Logcat Crash (text; from Lollipop)
47 6. Bluetooth Hcidump [<=Jelly Bean]
48 7. Bluetooth Bluedroid External Parser [Kitkat]
49 8. Bluetooth BtsnoopNet [>=Lollipop]
50 9. WiFi tcpdump [need tcpdump on phone]
51
52 Please note that it will work also for FirefoxOS or other Android-based
53 stuffs.
54
56 --help
57 Print program arguments.
58
59 --version
60 Print program version.
61
62 --extcap-version
63 Print extcapized version.
64
65 --debug
66 Print additional messages.
67
68 --extcap-interfaces
69 List available interfaces.
70
71 --extcap-interface=<interface>
72 Use specified interfaces.
73
74 --extcap-dlts
75 List DLTs of specified interface.
76
77 --extcap-config
78 List configuration options of specified interface.
79
80 --capture
81 Start capturing from specified interface save saved it in place
82 specified by --fifo.
83
84 --fifo=<path to file or pipe>
85 Save captured packet to file or send it through pipe.
86
87 --adb-server-ip=<IP address>
88 Use other then default (127.0.0.1) ADB daemon's IP address.
89
90 --adb-server-tcp-port=<TCP port>
91 Use other then default (5037) ADB daemon's TCP port.
92
93 --logcat-text=<TRUE or FALSE>
94 If TRUE then use text logcat rather then binary. This option has
95 effect only on Logcat interfaces. This have no effect from Lollipop
96 where is no binary Logcat available.
97
98 Defaults to FALSE.
99
100 --bt-server-tcp-port=<TCP port>
101 Use other then default Bluetooth server TCP port on Android side.
102 On Lollipop defaults is 8872, earlier 4330.
103
104 --bt-forward-socket=<TRUE or FALSE>
105 If TRUE then socket from Android side is forwarded to host side.
106
107 Defaults to FALSE.
108
109 --bt-local-ip=<IP address>
110 Use other then default (127.0.0.1) IP address on host side for
111 forwarded socket.
112
113 --bt-local-tcp-port=<TCP port>
114 Specify port to be used on host side for forwarded socket.
115
117 To see program arguments:
118
119 androiddump --help
120
121 To see program version:
122
123 androiddump --version
124
125 To see interfaces:
126
127 androiddump --extcap-interfaces
128
129 Example output:
130 interface {display=Android Logcat Main unknown MSM7627A}{value=android-logcat-main-MSM7627A}
131 interface {display=Android Logcat System unknown MSM7627A}{value=android-logcat-system-MSM7627A}
132 interface {display=Android Logcat Radio unknown MSM7627A}{value=android-logcat-radio-MSM7627A}
133 interface {display=Android Logcat Events unknown MSM7627A}{value=android-logcat-events-MSM7627A}
134 interface {display=Android Bluetooth Hcidump unknown MSM7627A}{value=android-bluetooth-hcidump-MSM7627A}
135
136 Human-readable display name of interfaces contains interface type, one of:
137 android-logcat-main (Android Logcat Main)
138 android-logcat-system (Android Logcat System)
139 android-logcat-radio (Android Logcat Radio)
140 android-logcat-events (Android Logcat Events)
141 android-logcat-text-main (Android Logcat Main)
142 android-logcat-text-system (Android Logcat System)
143 android-logcat-text-radio (Android Logcat Radio)
144 android-logcat-text-events (Android Logcat Events)
145 android-logcat-text-crash (Android Logcat Crash)
146 android-bluetooth-hcidump (Android Bluetooth Hcidump)
147 android-bluetooth-external-parser (Android Bluetooth External Parser)
148 android-bluetooth-btsnoop-net (Android Bluetooth Btsnoop Net)
149 android-wifi-tcpdump (Android WiFi)
150 Then Android Device's name if available, otherwise "unknown".
151 Last part of it is DeviceID - the identificator of the device provided by Android SDK (see "adb devices").
152
153 For example:
154 "Android Logcat Main unknown MSM7627A"
155
156 "Android Logcat Main" - user-friendly type of interface
157 "unknown" - name of Android Device
158 "MSM7627A" - device ID
159
160 To see interface DLTs:
161
162 androiddump --extcap-interface=android-bluetooth-hcidump-MSM7627A --extcap-dlts
163
164 Example output:
165 dlt {number=99}{name=BluetoothH4}{display=Bluetooth HCI UART transport layer plus pseudo-header}
166
167 To see interface configuration options:
168
169 androiddump --extcap-interface=android-bluetooth-hcidump-MSM7627A --extcap-config
170
171 Example output:
172 arg {number=0}{call=--adb-server-ip}{display=ADB Server IP Address}{type=string}{default=127.0.0.1}
173 arg {number=1}{call=--adb-server-tcp-port}{display=ADB Server TCP Port}{type=integer}{range=0,65535}{default=5037}
174
175 To capture:
176
177 androiddump --extcap-interface=android-bluetooth-hcidump-MSM7627A --fifo=/tmp/bluetooth.pcapng --capture
178
179 NOTE: To stop capturing CTRL+C/kill/terminate application.
180
182 wireshark(1), tshark(1), dumpcap(1), extcap(4)
183
185 Androiddump is part of the Wireshark distribution. The latest version
186 of Wireshark can be found at <https://www.wireshark.org>.
187
188 HTML versions of the Wireshark project man pages are available at:
189 <https://www.wireshark.org/docs/man-pages>.
190
192 Original Author
193 -------- ------
194 Michal Labedzki <michal.labedzki[AT]tieto.com>
195
196
197 Contributors
198 ------------
199 Roland Knall <rknall[AT]gmail.com>
200
201
202
2033.4.5 2021-05-27 ANDROIDDUMP(1)