9

How can we capture HTTP traffic that goes through an ICS connection?

Full details:

  • I have a PC connected to internet via Ethernet.
  • PC has set up a Wifi Hotspot using Internet Connection Sharing (ICS) to share out internet to mobile devices.
  • I have a mobile device that is connected to the Wifi Hotspot.
  • I want to capture all traffic incoming from the mobile device. And the kicker: Mobile device does not have ability to set proxy settings

This would be easy if the mobile device could set a proxy server, but unfortunately it does not have that ability.

Also, I realize I could use wireshark here, but I need to decrypt https traffic to a server I don't have access to.

Improve this question
4
  • 1
    check this page out: fiddler2.com/Fiddler/help there is a link to a discussion group
    – Keltari
    Commented Apr 8, 2013 at 23:59
  • 2
    I have the same problem, unfortunately none of the suggestions in the link are applicable. I use wireshark right now, but this is just too uncomfortable compared to Fiddler or for example Burp. In Fiddler I can see everything that goes directly from my machine to WWW, but not what is coming from the connected device. This is strange
    – nico gawenda
    Commented Nov 14, 2013 at 6:38
  • 1
    Does it help in Fiddler options, Connections tab, selecting "Allow remote computers to connect"?
    – harrymc
    Commented Nov 14, 2013 at 19:59
  • 1
    does not help :\
    – nico gawenda
    Commented Nov 16, 2013 at 7:37

1 Answer 1

Reset to default
1

I think that the Wifi hotspot you made is secured. That is you have made either WPA2 or WPA or WEP secured Wifi hotspot.Here is a link to decrypt 802.11 encrypted packets:

How to Decrypt 802.11 packets

How ever if you don't want to do decryption then you can create an OPEN hotspot. Then try to capture packet using Wireshark.

Another technique are also available that can be used to sniff other's packet. It is called arp-poisoning.[please comment if you want more detail about it.]

Also you can set Proxy authentication in your mobile if you are using an Android phone version 4.0 or up. There is an app named DRONY which enables us to set proxy authorization in android phones.

Improve this answer
1
  • Since he has the wifi password to decrypt the contents (and thus see them), why would he need to change the wifi to unsecured?
    – Pacerier
    Commented Jun 9, 2015 at 7:25

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .