[olug] Cert Tapioca transparent network proxy finds 23, 667 Android apps that fail to validate SSL
Rob Townley
rob.townley at gmail.com
Sat Feb 28 10:39:06 CST 2015
With a rooted Android, one should be able to tap their 3G/4G interfaces
(see "Shark for root"). But it would be a more truthful capture to have
something upstream (hacked femtocell) or capture with SDR if you could
get the private key.
On Feb 28, 2015 9:25 AM, "Kevin" <sharpestmarble at gmail.com> wrote:
> The problem with this is that the traffic we're looking at originates on
> the Android device. Therefore it wouldn't even get to the computer running
> Wireshark.
> On Feb 27, 2015 4:34 PM, "T. J. Brumfield" <enderandrew at gmail.com> wrote:
>
> > I don't know if Wireshark will run directly on an Android device, but
> > couldn't you create a mobile hotspot with the android device and then
> > connect a computer to that hotspot, so the computer is only seeing the 4G
> > network effectively? Then run Wireshark from there.
> >
> > On Fri, Feb 27, 2015 at 4:31 PM, Aric Aasgaard <aric at omahax.com> wrote:
> >
> > > Is there a good Android firewall/ids/packet sniffer? I can monitor
> what
> > > is happening over WiFi but I have no clue what it could be doing over
> 4G.
> > > Since apps can tell the difference between 4G and WiFi it is possible
> for
> > > them to do bad things only on 4G.
> > > _______________________________________________
> > > OLUG mailing list
> > > OLUG at olug.org
> > > https://lists.olug.org/mailman/listinfo/olug
> > >
> >
> >
> >
> > --
> > "I'm questioning my education
> > Rewind and what does it show?
> > Could be, the truth it becomes you
> > I'm a seed, wondering why it grows"
> > -- Pearl Jam, Education
> > _______________________________________________
> > OLUG mailing list
> > OLUG at olug.org
> > https://lists.olug.org/mailman/listinfo/olug
> >
> _______________________________________________
> OLUG mailing list
> OLUG at olug.org
> https://lists.olug.org/mailman/listinfo/olug
>
More information about the OLUG
mailing list