Description of problem:
The file androiddump is missing from the wireshark-cli package, even though the man page is there. This means I have to use other Linuxes to talk to Android directly from Wireshark or build it myself.

Version-Release number of selected component (if applicable):

How reproducible:
Try to use Wireshark to view Android stuff over adb

Steps to Reproduce:
1. Install wireshark, wireshark-cli
2. Start adb server (adb start-server)
3. Run Wireshark
4. Look for Android specific interfaces

Actual results:
Can't log logcat or HCI from Android over ADB into Wireshark. Ended up having to use Kali Linux. Felt unclean.

Expected results:
Being able to do live sniffing of Android HCI events via ADB.

Additional info:
Hi, could you be a little bit more specific as to what I need to do to see these interfaces in Fedora?

I believe that this will be solved by building wireshark with -DBUILD_androiddump=ON and I have no problem with enabling this. But even when I follow your instructions I see no android specific interfaces. I was thinking that if I run the adb server, the android interfaces would show after running tshark -D but I am probably missing something.

Or if you want to try yourself, I can send you a link to a scratch build from koji and you can test the package.

Michal
I was trying to compile from source yesterday and ran out of time - I'll get you a screencap from another Linux to show what I was expecting.
Can you try a package from the scratch build in koji below? It is built with -DBUILD_androiddump=ON: https://koji.fedoraproject.org/koji/taskinfo?taskID=44410465
I'm going to have to admit ignorance here about how Koji interacts with Fedora as I can't see a package there (and a Google is not really helpful). I'll be happy to install it, but I may need the exact command. Note, I'm still on Fedora 31.

What I would expect to see (the below is the output of running tshark -D on kali with the adb server started):

```
root@kali:~# tshark -D
Running as user "root" and group "root". This could be dangerous.
tshark: Lua: Error during loading: [string "/usr/share/wireshark/init.lua"]:32: dofile has been disabled due to running Wireshark as superuser. See https://wiki.wireshark.org/CaptureSetup/CapturePrivileges for help in running Wireshark as an unprivileged user.
1. eth0
2. any
3. lo (Loopback)
4. bluetooth0
5. nflog
6. nfqueue
7. usbmon1
8. usbmon2
9. usbmon3
10. usbmon4
11. android-bluetooth-btsnoop-net-ZY3223NWP8 (Android Bluetooth Btsnoop Net Moto_G__5_ ZY3223NWP8)
12. android-logcat-text-crash-ZY3223NWP8 (Android Logcat Crash Moto_G__5_ ZY3223NWP8)
13. android-logcat-text-events-ZY3223NWP8 (Android Logcat Events Moto_G__5_ ZY3223NWP8)
14. android-logcat-text-main-ZY3223NWP8 (Android Logcat Main Moto_G__5_ ZY3223NWP8)
15. android-logcat-text-radio-ZY3223NWP8 (Android Logcat Radio Moto_G__5_ ZY3223NWP8)
16. android-logcat-text-system-ZY3223NWP8 (Android Logcat System Moto_G__5_ ZY3223NWP8)
17. ciscodump (Cisco remote capture)
18. randpkt (Random packet generator)
19. sshdump (SSH remote capture)
20. udpdump (UDP Listener remote capture)
```

An adb server will need to be running first (e.g. running adb start-server). The above text was when I had a phone plugged in.
In the link I sent you, you need to choose the right arch you are using. Assuming you are using x86_64, you will find the rpm under 'buildArch (wireshark-3.2.3-2.fc33.src.rpm, x86_64)'. There you can see the rpms at the bottom. You will need to install both wireshark and wireshark-cli:

```
# dnf install https://kojipkgs.fedoraproject.org//work/tasks/525/44410525/wireshark-3.2.3-2.fc33.x86_64.rpm https://kojipkgs.fedoraproject.org//work/tasks/525/44410525/wireshark-cli-3.2.3-2.fc33.x86_64.rpm
```
I get what I need from tshark (exactly the same as for Kali, above) and I have managed to sniff Bluetooth HCI events through ADB. I can't run Wireshark as it has a dependency on qt 5.14 which I can't easily bypass without breaking my virtual machine; but if it works on tshark, it should work on wireshark. Thanks!
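Added example (not part of the thread and not code from the Fedora package): a shell check that separates the two situations seen above, a package that ships only the androiddump man page versus a working androiddump with no device visible over adb. The file paths and the trimmed `tshark -D` sample are constructed for illustration, and the function names are hypothetical.

```shell
#!/bin/sh
# Constructed sample: a few `tshark -D` lines in the format quoted in the thread.
SAMPLE_TSHARK_D='1. eth0
3. lo (Loopback)
11. android-bluetooth-btsnoop-net-ZY3223NWP8 (Android Bluetooth Btsnoop Net Moto_G__5_ ZY3223NWP8)
12. android-logcat-text-crash-ZY3223NWP8 (Android Logcat Crash Moto_G__5_ ZY3223NWP8)
14. android-logcat-text-main-ZY3223NWP8 (Android Logcat Main Moto_G__5_ ZY3223NWP8)
19. sshdump (SSH remote capture)'

# Constructed file lists (paths are assumptions): the broken package has only
# the man page, the fixed one also carries the extcap binary.
FILES_BROKEN='/usr/bin/tshark
/usr/share/man/man1/androiddump.1.gz'
FILES_FIXED='/usr/bin/tshark
/usr/lib64/wireshark/extcap/androiddump
/usr/share/man/man1/androiddump.1.gz'

# stdin: `tshark -D` output. Prints the androiddump interface names.
android_ifaces() {
    awk '$2 ~ /^android-/ { print $2 }'
}

# stdin: `tshark -D` output. Prints unique device serials, taken from the
# last word of the description so serials containing "-" survive intact.
android_serials() {
    awk '$2 ~ /^android-/ { s = $NF; sub(/\)$/, "", s); print s }' | sort -u
}

# $1: package file list, $2: `tshark -D` output. Prints one verdict.
classify() {
    if ! printf '%s\n' "$1" | grep -q '/androiddump$'; then
        echo "missing-androiddump"      # man page alone does not match
    elif [ -z "$(printf '%s\n' "$2" | android_ifaces)" ]; then
        echo "no-android-interfaces"    # adb server down or no device attached
    else
        echo "ok"
    fi
}

# Live use: classify "$(rpm -ql wireshark-cli)" "$(tshark -D 2>/dev/null)"
classify "$FILES_BROKEN" "$SAMPLE_TSHARK_D"
```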
FEDORA-2020-ca3d3f15f0 has been submitted as an update to Fedora 31. https://bodhi.fedoraproject.org/updates/FEDORA-2020-ca3d3f15f0
FEDORA-2020-4f5588cf97 has been submitted as an update to Fedora 32. https://bodhi.fedoraproject.org/updates/FEDORA-2020-4f5588cf97
FEDORA-2020-ca3d3f15f0 has been pushed to the Fedora 31 testing repository. In short time you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2020-ca3d3f15f0` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2020-ca3d3f15f0 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2020-4f5588cf97 has been pushed to the Fedora 32 testing repository. In short time you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2020-4f5588cf97` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2020-4f5588cf97 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2020-4f5588cf97 has been pushed to the Fedora 32 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-2020-ca3d3f15f0 has been pushed to the Fedora 31 stable repository. If problem still persists, please make note of it in this bug report.