Ask Your Question
0

How I could capture the traffic of my smartphone or tablet

asked 2018-11-09 19:47:21 +0000

Anoud gravatar image

updated 2018-11-09 19:54:51 +0000

Hi, I have 3 different devices for my kids connected to my home access point (smartphone, laptop, and Ipad). I want to collect the traffic from the devices to monitor what my kids browsing or watching on youtube. However, my network card is on promiscuous mode but when I run Wireshark I can not find the traffic from the devices why? and how I can do it.

Thank you

edit retag flag offensive close merge delete

2 Answers

Sort by » oldest newest most voted
0

answered 2018-11-12 14:09:28 +0000

aspyct gravatar image

If you want to intercept and read HTTPS traffic, you'll need a proxy that reencrypts the traffic. mitmproxy or sslsplit can do that for you, provided you can install custom CA certificate on the devices. Be careful though, this could be a huge security issue.

https://mitmproxy.org/

There are several ways to set it up. The easiest is to just have it running on a machine somewhere on the network, and configure each device to use said HTTP proxy.

However this can easily be bypassed by modifying the wifi proxy setting. The surefire way to redirect all traffic through it is to run it in transparent mode. In that case, you need to put the proxy in the network chain, so it most likely means you need a separate wifi for those devices, and a computer with two network interfaces to run the proxy. (Actually it can work with just one device like a raspberry pi, but that's quite a lot of configuration.)

Before doing any of that, make sure you understand 1. the implications of installing a custom CA certificate and 2. the basics of network routing.

edit flag offensive delete link more
0

answered 2018-11-10 04:20:15 +0000

Spooky gravatar image

updated 2018-11-10 04:21:39 +0000

Hi,

You may be able to capture some traffic by using a TAP on the link going from your router to your "Internet.” (To your modem, DSL, etc.)

NAT will make it hard to tell which device is responsible for what traffic.

I must also warn you that most of the traffic is encrypted on the Internet nowadays. (HTTPS)

This means you can probably see WHERE they are going but not WHAT they are doing.

Regards,

Spooky

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2018-11-09 19:47:21 +0000

Seen: 164 times

Last updated: Nov 12