Capturing Traffic Using 'rpcapd'
The ‘rpcapd’ (Remote Packet Capture) network sniffer application enables network admins to analyze and debug Android traffic on their desktop PC using the app's integral SSH server.
SSH is by default disabled and can be enabled with Administrator permissions in the phone screen (Device Administration > Debugging > SSH).
| ➢ | To capture traffic using ‘rpcapd’: |
| 1. | Open the phone's Debugging screen and switch Remote Packet Capture on. |
| 2. | After 'rpcapd' is enabled on the phone, use Wireshark to connect with it. Follow the steps below to connect to the phone. |
| 3. | View all the interfaces on the phone and choose your preferred interface with which to capture packets. |