iPhone Packet Logging Instructions (As Promised):
Note: Only attempt this on your own network, and at your own risk. I am not responsible for any damage to your phone through jailbreaking, installing/using the application or following this guide.
Prerequisites:
- Your iPhone must be jailbroken before using this. You can do this by using a jailbreak tool listed on this page (http://www.idownloadblog.com/download/).
Note: The application on your iPhone will pick up packets from any devices on your network, so be sure to either disconnect all other devices or use an extra router.
This works by performing a MITM (man-in-the-middle) attack on your network, which tricks all devices into sending their packets through your phone before they go on to the network. The phone logs the packets as they pass through.
Step 1: Open up Cydia.
Step 2: Search for Pirni Pro. You should see a listing from the BigBoss repo for $1.99. Also search for iFile, and install both.
Step 3: Once installed, open up Pirni Pro from the SpringBoard.
Step 4: Tap BPF Filter, then backspace everything there and press Return. This will remove the filters and allow us to catch all packets going through the network.
Step 5: Change Dumpfile from /tmp/log.pcap to /var/mobile/log.pcap. (You can also change this to something like /var/mobile/dumps/log.pcap, but make sure you create the directory using iFile if you do this.)
Step 6: If you want to use custom regexes under Regex Options, you can configure these from settings and select them; however, I recommend not doing this. (Regexes allow you to see certain data live as it is logged. Otherwise it is simply written to the file, and you have to either open it in iFile or transfer it to your computer to view it.)
Step 7: Tap Start when you are ready to capture packets. The file will be saved to the directory you typed into the application.
WARNING: Do not leave the directory set to /tmp/log.pcap! Whenever your iPhone reboots, this directory is cleared and you will lose all logged data!
To View The File On Your iPhone:
Step 1: Open iFile after logging.
Step 2: Navigate to the directory the file was saved in. Normally this is /tmp/log.pcap, but in this tutorial I recommended using /var/mobile/log.pcap.
Step 3: Tap the arrow next to the file.
Step 4: Select Text Editor, and the file should open up.
To Get The File Transferred To Your Computer:
Step 1: Open up iFile.
Step 2: Tap the Wireless icon towards the bottom left.
Warning: Opening up the wireless connection will allow anyone on your network to connect to your iPhone unless you set a password under Settings in the iFile application.
Step 3: On your computer, navigate to the address displayed on the screen of your iPhone.
Step 4: Navigate to the directory of the saved file. In this tutorial, I suggest /var/mobile/log.pcap.
Step 5: Click the file to download it, then open it up in Wireshark (http://www.wireshark.org/download.html).
That's It, Enjoy!
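To check that the downloaded log.pcap is intact before opening it in Wireshark, the following added example (not part of the original guide) reads the file's header and counts its complete packet records, flagging a capture that was cut off mid-write. It assumes the dumpfile is in the classic libpcap format that the .pcap extension suggests; the function names and the sample bytes are constructed for illustration.

```python
import struct
import sys

# Magic bytes of the classic libpcap format -> struct byte-order prefix.
PCAP_MAGICS = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}

def summarize_pcap(data):
    """Validate a classic pcap file and count the complete packet records."""
    if len(data) < 24:
        raise ValueError("too short to contain a pcap global header")
    endian = PCAP_MAGICS.get(data[:4])
    if endian is None:
        raise ValueError("bad magic: not a classic pcap file")
    major, minor, _tz, _sigfigs, snaplen, linktype = struct.unpack(
        endian + "HHiIII", data[4:24])
    offset, packets, captured, truncated = 24, 0, 0, False
    while offset < len(data):
        # Each record is a 16-byte header followed by incl_len captured bytes.
        if offset + 16 > len(data):
            truncated = True
            break
        _sec, _usec, incl_len, _orig_len = struct.unpack(
            endian + "IIII", data[offset:offset + 16])
        if offset + 16 + incl_len > len(data):
            truncated = True  # capture stopped in the middle of a write
            break
        offset += 16 + incl_len
        packets += 1
        captured += incl_len
    return {"version": f"{major}.{minor}", "snaplen": snaplen,
            "linktype": linktype, "packets": packets,
            "captured_bytes": captured, "truncated": truncated}

def build_sample():
    """Constructed sample: two whole records, then one cut off mid-packet."""
    blob = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for ts, frame in ((1, b"\x00" * 60), (2, b"\x00" * 42)):
        blob += struct.pack("<IIII", ts, 0, len(frame), len(frame)) + frame
    # Record header claims 100 bytes, but only 10 were written.
    return blob + struct.pack("<IIII", 3, 0, 100, 100) + b"\x00" * 10

if __name__ == "__main__":
    # Pass the downloaded file's path, or run with no argument for the sample.
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:
            raw = fh.read()
    else:
        raw = build_sample()
    print(summarize_pcap(raw))
```

A linktype of 1 means Ethernet frames; a result with "truncated" set to True means the last record is incomplete, and Wireshark will report the same when it reaches the end of the file.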