I wonder how I can find the URL of the API that the Android application (any application I have installed) uses to make API calls to an online server (such as a RESTful service). I think I need to capture packets to the device and maybe analyze them in Wireshark or something to find the URL? I’m pretty good at Java/Android development, but a bit lost when it comes to any kind of network analysis.
How can I solve this problem?
you can do it with WireShark. I’ll take the steps here
- Install WireShark on your computer
- We now need to create an Android Virtual Device (AVD), so we download the Android SDK from the official website. The Android SDK comes with an emulator for the tests
- After configuring the Android SDK, create an Android Virtual Device (AVD) on which we will install the application.
- to operate this virtual device. You can run it on the command line (Emulator @).
- After creating an application to install the virtual device with the adb command install app_file_name.apk.
- Now we can start capturing packages. I suggest that you disable other applications on your computer that use the network, so that our captured packages are more relevant.
- Now, use Wireshark as a carrot…
- Select the interface you want to record and press the Start button to start recording.
- Now start with this application to let the packages go back and forth and let Wireshark record them.
- If you use an application that covers all activities, you can stop Drahthai to capture packages.
- Now the main activity begins with carefully analyzing the packets. but not all packets are useful for our work. so filter the packets relevant to you. enter your IP address 192.168.0.32 and then filter all packets whose IP is that IP. so the filter expression will ip.addr==192.168.0.32 apply this filter. However, we will apply a different filter to only list the relevant packets. It is possible that the application has access to the API via the HTTP protocol. So apply the HTTP filter. The expression will be http. You can apply both filters simultaneously ip.addr==192.168.0.32 and http press enter to apply.
- Read carefully the information about the packages listed, you will find many important details, API keys, cookies, etc.
Very fast method.
Go to PlayStore, search for Packet Capture
Download, install and run.
It’s quick and easy. It gives you detailed information about the API, the URLs and the answers with their headers.
This application follows the concept of Sniffing Packets. This may not work with secure applications such as WhatsApp, Facebook, Twitter.
CONNECTION 1 :
Package recording is no longer available in the Playstore, please try OS Monitor.
RECOGNISE 2 :
Package recording is available again.
you can do it with WireShark.
Use a debugging proxy. Click the play button and you will be able to capture the URLs and see more details.
Solution No 5:
- install the virtual box and genymotion
- Make an ingenious move.
3 . then set your android wish ADV.
- Now, use Wireshark as a carrot…
Solution No 6:
Download the Android +6.0 image for PC from this website: https://www.android-x86.org/.
For example: https://www.android-x86.org/releases/releasenote-6-0-r3.html
Make sure your application works with this version of Android – you can check the minimum version of Android in the Google Play shop – and don’t take too high a number for the Andriod version: The higher the number, the greater the security restrictions.
Install VirtualBox, mount the ISO image, download Android and install the application via Google Play.
You have two choices now:
- For example, if the traffic is not encrypted, you can write all NIC traffic to a text file. B. VBoxManage modifyvm vm-name –nictrace1 to –nictracefile1 c:file.pcap (see here).
- If the traffic is encrypted, a man-in-the-middle approach can be used. The application that makes this possible is HttpCanary. It creates a VPN connection and redirects your traffic over that VPN. It deciphers and works well, but be careful with your personal data.
httpcanary alternative,httpcanary tutorial,httpcanary apk,httpcanary ios,httpcanary no root apk,packet generator apk,how to get android app url,os monitor for android,process monitor android,os monitor from google play,android os monitor apk,android operating system apk,how to check api calls in android,wireshark android,android capture https requests,extract api from apk,android sniffer,android sniff http request,how to test api for mobile application,android pcap