https://github.com/gh2o/rvi_capture
rvictl for Linux and Windows: capture packets sent/received by iOS devices
ios iphone packet-capture packet-sniffer python3 rvictl wireshark
Last synced: 21 days ago
- Host: GitHub
- URL: https://github.com/gh2o/rvi_capture
- Owner: gh2o
- Created: 2017-09-10T19:34:43.000Z (over 7 years ago)
- Default Branch: master
- Last Pushed: 2024-03-26T00:49:04.000Z (about 1 year ago)
- Last Synced: 2024-10-29T17:49:20.919Z (6 months ago)
- Topics: ios, iphone, packet-capture, packet-sniffer, python3, rvictl, wireshark
- Language: Python
- Homepage:
- Size: 17.6 KB
- Stars: 183
- Watchers: 9
- Forks: 26
- Open Issues: 1
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-iOS-security-tools - rvi_capture
README
# rvi_capture
rvictl for Linux and Windows: capture packets sent/received by iOS devices
A utility to create packet capture dumps from iOS devices; useful for debugging network activity via Wireshark.
Tested on Arch Linux with iOS 14.8.
## Prerequisites
### Linux
`libimobiledevice` and `python3` must be installed. Ensure that the `usbmuxd` daemon is running.
### Windows
`python3` and iTunes must be installed. Ensure that the `AppleMobileDeviceService.exe` process is running.
`libimobiledevice` will be downloaded as needed.
## Usage
```
./rvi_capture.py [--format {pcap,pcapng}] [--udid UDID] outfile
```
* `--format`: capture format
  * pcapng: The default. Newer and allows for distinguishing between interfaces.
    Wireshark 3.0+ supports streaming captures with this format.
  * pcap: Older format for compatibility.
* `--udid`: device UDID
  The specific device to target. If omitted, the first device found will be used.
* `outfile`: output file or FIFO, or `-` for standard output.
## Using with Wireshark
```
./rvi_capture.py - | wireshark -k -i -
```
### Tips
- In Wireshark, you can filter for a particular network interface based on the
  `frame.interface_name` field. Here are some possible values (as tested on iOS 14.8):
  - `en0`: wifi interface
  - `pdp_ip0`: cellular interface
  - `ipsec1`: IPSec outer transport for VoLTE
  - `ipsec3`: IPSec inner transport for VoLTE
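To check which interfaces a saved capture actually covers without opening Wireshark, the per-interface packet counts can be read straight from the pcapng blocks. The following is an added example, not code from rvi_capture; it assumes the interface names are stored in the standard `if_name` option of each Interface Description Block (the value Wireshark shows as `frame.interface_name`), and `SAMPLE` is a constructed capture with dummy payloads.

```python
import struct
from collections import Counter

SHB_MAGIC = b"\x0a\x0d\x0d\x0a"   # Section Header Block type (byte-order neutral)
IDB, EPB, OPT_IF_NAME = 1, 6, 2   # block types and the if_name option code

def _if_name(options, endian):
    """Walk IDB options (code, length, value padded to 4 bytes) for if_name."""
    pos = 0
    while pos + 4 <= len(options):
        code, length = struct.unpack_from(endian + "HH", options, pos)
        if code == 0:                      # opt_endofopt
            break
        if code == OPT_IF_NAME:
            return options[pos + 4:pos + 4 + length].decode("utf-8", "replace")
        pos += 4 + ((length + 3) & ~3)
    return None

def packets_per_interface(data):
    """Count Enhanced Packet Blocks per interface name in pcapng bytes."""
    endian, names, counts, pos = "<", [], Counter(), 0
    while pos + 12 <= len(data):
        if data[pos:pos + 4] == SHB_MAGIC:  # new section: re-read byte order
            endian = "<" if data[pos + 8:pos + 12] == b"\x4d\x3c\x2b\x1a" else ">"
            names = []                      # interface IDs restart per section
        btype, blen = struct.unpack_from(endian + "II", data, pos)
        if blen < 12 or pos + blen > len(data):
            break                           # truncated or malformed: stop here
        body = data[pos + 8:pos + blen - 4]
        if btype == IDB:
            names.append(_if_name(body[8:], endian) or f"if{len(names)}")
        elif btype == EPB and len(body) >= 4:
            (if_id,) = struct.unpack_from(endian + "I", body)
            counts[names[if_id] if if_id < len(names) else f"if{if_id}"] += 1
        pos += blen
    return counts

def _block(btype, body):                    # constructed little-endian test data
    total = 12 + len(body)
    return struct.pack("<II", btype, total) + body + struct.pack("<I", total)
def _idb(name):                             # linktype/snaplen values are arbitrary
    opt = struct.pack("<HH", OPT_IF_NAME, len(name)) + name + b"\0" * (-len(name) % 4)
    return _block(IDB, struct.pack("<HHI", 1, 0, 65535) + opt + b"\0\0\0\0")
def _epb(if_id):                            # 4-byte dummy payload
    return _block(EPB, struct.pack("<IIIII", if_id, 0, 0, 4, 4) + b"\0" * 4)

SAMPLE = (_block(0x0A0D0D0A, struct.pack("<IHHq", 0x1A2B3C4D, 1, 0, -1))
          + _idb(b"en0") + _idb(b"pdp_ip0") + _epb(0) + _epb(1) + _epb(0))
```

For a real capture, pass the bytes of the `outfile` written with `--format pcapng` to `packets_per_interface`; a capture cut off mid-block is counted up to the last complete block.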