AndroidHttpCapture网络诊断工具 是一款Android手机抓包软件 主要功能包括:手机端抓包、PING/DNS/TraceRoute诊断、抓包HAR数据上传分享。你也可以看成是Android版的"Fiddler" \(^o^)/~

Overview

AndroidHttpCapture网络诊断工具 Travis

是一款针对于移动流量劫持而开发的手机抓包软件,可以当作是Android版的‘Fiddler’
主要功能包括:手机端抓包、PING/DNS/TraceRoute诊断、抓包HAR数据上传分享
使用前请确保手机HTTP代理的关闭

Demo APK下载

点击查看操作手册

功能简介

1. HTTP/HTTPS抓包
当用户通过AndroidHttpCapture访问页面的时候,所有的http请求都会被记录下来,然后这些请求包可以预览、分享、上传(上传接口的网址需自行在MainActivity修改)。

第一次进入程序需要安装CA证书以便进行HTTPS抓包(原理同fiddler,MITM中间人)不安装证书的话无法抓取HTTPS的请求

高版本的Android不允许跳转设置安装证书,需要自行在设置->安全和锁屏->加密与凭据->安装证书(证书位置:/har/littleproxy-mitm.pem)

预览页面可以查看从APP启动起所有网络请求数据,实现了按分页过滤、URL搜索功能,并可清空所有数据包
预览的内容包括Request Header、Request Cookie、Request Content、Response Header、Response Cookie、Response Content
Content内容如果为JSON将会自动格式化显示
image image
分享功能将抓包生成的所有数据包打包为har文件并压缩为zip,支持分享到微信、QQ等

2. 返回包注入
支持修改流量返回包(该版本暂时只支持http的修改)
image image

3. 环境切换
支持切换模拟为微信、手Q,默认为普通浏览器。
image

4. 多样性输入:导航、地址栏、扫一扫、schema呼起
支持地址栏直接输入地址,扫扫描二维码,以及schema呼起app并打开目标页面。
schema的协议格式为:jdhttpmonitor://webview?param={'url'='http://www.darkal.cn'}

5. Host配置
可以配置各域名的host
image

6. 查看console.log日志
image

7. 网络工具
目前AndroidHttpCapture集成了常见的网络工具,如dns,ping,以及设备信息
image

8. 设置系统代理,监听其他app请求包
当将用户手机的代理服务器设置为127.0.0.1:8888时,可以对其他app(例如微信)的HTTP数据进行抓包
(此时AndroidHttpCapture就是一个手机上的fiddler)
image

Q & A

  1. 分享的http包如何查看和分析?
       分享的文件解压后为.har文件,可以通过fiddler方式或者在线工具进行分析。
    Fiddler方式需要先将包导到电脑上,然后使用fiddler导入该包:Import Sessions->Select Import Format ->HTTPArchive ->选择包,即可
    在线工具外网:http://static.hk.darkal.cn/har/ 只需要将包拖入此工具即可分析

已知BUG

  1. 信任所有的服务器证书不做校验
    2. 开启返回包注入功能后,https返回的部分页面存在 err_CONTENT_LENGTH_MISMATCH 错误
    (看起来似乎是解决了,待用户反馈)

如果觉得工具好用的话请多多star以及Pull requests
支持我喝杯咖啡请扫描下面的二维码,谢谢(ง •̀_•́)ง

image

致谢

AndroidHttpCapture基于Netty、browsermob-proxy来实现核心抓包的功能
Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients.
https://github.com/netty/netty
由于Android5.0+不支持Provider 为JKS的证书,所以逆向修改了Netty库的证书部分适配Android系统(netty_android.jar)

A free utility to help web developers watch and manipulate network traffic from their AJAX applications.
https://github.com/lightbody/browsermob-proxy
修改了多处browsermob-proxy的源码适配Android系统

MIT License
Copyright (c) 2016 AndroidHttpCapture

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

Comments
  • resources   里的资源 是做什么用的

    resources 里的资源 是做什么用的

    你好 在运行你的项目的时候 我把这个resources 删了 编译运行该项目 可以正常运行 但是 https 的链接就打不开了 我重新把resources 加进去 还是无法打开 https的链接 而且 吧这个项目集成到我们的项目里 也出现了 上面的无法 加载 https 的链接 请问这个问题 我改如何解决 请大神给说下

    opened by caochongsheng 3
  • 按照issue中的方法去做了,还是在编译时出现问题:找不到符号:BR

    按照issue中的方法去做了,还是在编译时出现问题:找不到符号:BR

    在用android studio2.3.3编译这个项目的时候会遇到类似下面这个编译问题: Error:(13, 34) 错误: 找不到符号 符号: 类 BR 位置: 程序包 cn.darkal.networkdiagnosis 在app的build.gradle文件中添加了compile 'com.neenbedankt.gradle.plugins:android-apt:1.8',然后执行file->Invalidate Caches/Restart以后这个问题没有得到解决,不知道是不是还有哪里配置不对。

    opened by MrTaoGe 3
  • 源码打包,启动CRASH

    源码打包,启动CRASH

    java.lang.RuntimeException: Unable to start activity ComponentInfo{cn.darkal.networkdiagnosis/cn.darkal.networkdiagnosis.Activity.MainActivity}: java.lang.NullPointerException: Attempt to invoke virtual method 'void com.github.clans.fab.FloatingActionMenu.setClosedOnTouchOutside(boolean)' on a null object reference at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:2697) at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:2763) at android.app.ActivityThread.-wrap11(ActivityThread.java) at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1585) at android.os.Handler.dispatchMessage(Handler.java:111) at android.os.Looper.loop(Looper.java:207) at android.app.ActivityThread.main(ActivityThread.java:5939) at java.lang.reflect.Method.invoke(Native Method) at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:956) at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:817) Caused by: java.lang.NullPointerException: Attempt to invoke virtual method 'void com.github.clans.fab.FloatingActionMenu.setClosedOnTouchOutside(boolean)' on a null object reference at cn.darkal.networkdiagnosis.Activity.MainActivity.initFloatingActionMenu(MainActivity.java:909) at cn.darkal.networkdiagnosis.Activity.MainActivity.onCreate(MainActivity.java:162) at android.app.Activity.performCreate(Activity.java:6362) at android.app.Instrumentation.callActivityOnCreate(Instrumentation.java:1120) at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:2650) at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:2763)  at android.app.ActivityThread.-wrap11(ActivityThread.java)  at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1585)  at android.os.Handler.dispatchMessage(Handler.java:111)  at android.os.Looper.loop(Looper.java:207)  at android.app.ActivityThread.main(ActivityThread.java:5939)  at java.lang.reflect.Method.invoke(Native Method)  at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:956)  at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:817) 

    opened by devil19 2
  • Android P BC provider 不提供 RSA加密算法,什么时候有空适配一下高版本

    Android P BC provider 不提供 RSA加密算法,什么时候有空适配一下高版本

    org.bouncycastle.operator.OperatorCreationException: cannot create signer: The BC provider no longer provides an implementation for Signature.SHA512WITHRSA. Please see https://android-developers.googleblog.com/2018/03/cryptography-changes-in-android-p.html for more details.

    opened by Rob8it 1
  • 错误: 程序包Bean不存在

    错误: 程序包Bean不存在

    android studio version: 4.1 \app\build\generated\data_binding_base_class_source_out\debug\dataBindingGenBaseClassesDebug\out\cn\darkal\networkdiagnosis\databinding\ItemFilterBinding.java:13: 错误: 找不到符号 import cn.darkal.networkdiagnosis.Bean; 符号: 类 Bean 位置: 程序包 cn.darkal.networkdiagnosis

    opened by ushang000 1
  • Responsible disclosure policy

    Responsible disclosure policy

    Hey there!

    I belong to an open source security research community, and a member (@ready-research) has found an issue, but doesn’t know the best way to disclose it.

    If not a hassle, might you kindly add a SECURITY.md file with an email, or another contact method? GitHub recommends this best practice to ensure security issues are responsibly disclosed, and it would serve as a simple instruction for security researchers in the future.

    Thank you for your consideration, and I look forward to hearing from you!

    (cc @huntr-helper)

    opened by JamieSlome 0
  • 代码运行安装不了,提示 INSTALL_FAILED_NO_MATCHING_ABIS

    代码运行安装不了,提示 INSTALL_FAILED_NO_MATCHING_ABIS

    大佬,源码运行不了debug版本编译安装后提示: Installation did not succeed. The application could not be installed: INSTALL_FAILED_NO_MATCHING_ABIS

    List of apks: [0] '/Users/yuwenjian/Desktop/Android_workspace/CaptureInter/app/build/outputs/apk/debug/app-universal-debug.apk' Installation failed due to: 'null' Retry

    opened by yuwenjian 4
Releases(3.1.30)
Owner
Darkal
九州达科
Darkal
dns library for android

Qiniu Happy DNS for Android 安装 直接安装 通过maven 使用方法 DnsManager 可以创建一次,一直使用。 IResolver[] resolvers = new IResolver[3]; resolvers[0] = AndroidDnsSe

Qiniu Cloud 270 Dec 5, 2022
DNS-based Host Blocker (and lightweight ad blocker) for Android

DNS-Based Host Blocking for Android This is a DNS-based host blocker for Android. In the default configuration, several widely-respected host files ar

Julian Andres Klode 1.9k Jan 8, 2023