SMB2: dissect new signing capability negotiate context

[wireshark-sm.git] / doc / androiddump.pod

=begin man

=encoding utf8

=end man

=head1 NAME

androiddump - Provide interfaces to capture from Android devices

=head1 SYNOPSIS

B<androiddump>
S<[ B<--help> ]>
S<[ B<--version> ]>
S<[ B<--extcap-version> ]>
S<[ B<--debug> ]>
S<[ B<--extcap-interfaces> ]>
S<[ B<--extcap-dlts> ]>
S<[ B<--extcap-interface>=E<lt>interfaceE<gt> ]>
S<[ B<--extcap-config> ]>
S<[ B<--capture> ]>
S<[ B<--fifo>=E<lt>path to file or pipeE<gt> ]>
S<[ B<--adb-server-ip>=E<lt>IP addressE<gt> ]>
S<[ B<--adb-server-tcp-port>=E<lt>TCP portE<gt> ]>
S<[ B<--logcat-text>=E<lt>TRUE or FALSEE<gt> ]>
S<[ B<--bt-server-tcp-port>=E<lt>TCP portE<gt> ]>
S<[ B<--bt-forward-socket>=E<lt>TRUE or FALSEE<gt> ]>
S<[ B<--bt-local-ip>=E<lt>IP addressE<gt> ]>
S<[ B<--bt-local-tcp-port>=E<lt>TCP portE<gt> ]>

B<androiddump>
S< B<--extcap-interfaces> >
S<[ B<--adb-server-ip>=E<lt>IP addressE<gt> ]>
S<[ B<--adb-server-tcp-port>=E<lt>TCP portE<gt> ]>

B<androiddump>
S< B<--extcap-interface>=E<lt>interfaceE<gt> >
S<[ B<--extcap-dlts> ]>

B<androiddump>
S< B<--extcap-interface>=E<lt>interfaceE<gt> >
S<[ B<--extcap-config> ]>

B<androiddump>
S< B<--extcap-interface>=E<lt>interfaceE<gt> >
S< B<--fifo>=E<lt>path to file or pipeE<gt> >
S< B<--capture> >

=head1 DESCRIPTION

B<Androiddump> is a extcap tool that provide interfaces to capture from
Android device. There is only two requirements:

1. You must have Android SDK and add it PATH environment variable.
PATH should contain directory with tools like "adb" and "android".
Android SDK for various platform are available on:
https://developer.android.com/sdk/index.html#Other

2. You must have permission to Android devices. Some Android devices requires
on-screen authentication.


Supported interfaces:

=over 4

=item 1. Logcat Main (binary [<=Jelly Bean] or text)

=item 2. Logcat System (binary [<=Jelly Bean] or text)

=item 3. Logcat Events (binary [<=Jelly Bean] or text)

=item 4. Logcat Radio (binary [<=Jelly Bean] or text)

=item 5. Logcat Crash (text; from Lollipop)

=item 6. Bluetooth Hcidump [<=Jelly Bean]

=item 7. Bluetooth Bluedroid External Parser [Kitkat]

=item 8. Bluetooth BtsnoopNet [>=Lollipop]

=item 9. WiFi tcpdump [need tcpdump on phone]

=back

Please note that it will work also for FirefoxOS or other Android-based stuffs.

=head1 OPTIONS

=over 4

=item --help

Print program arguments.

=item --version

Print program version.

=item --extcap-version

Print extcapized version.

=item --debug

Print additional messages.

=item --extcap-interfaces

List available interfaces.

=item --extcap-interface=E<lt>interfaceE<gt>

Use specified interfaces.

=item --extcap-dlts

List DLTs of specified interface.

=item --extcap-config

List configuration options of specified interface.

=item --capture

Start capturing from specified interface save saved it in place specified by --fifo.

=item --fifo=E<lt>path to file or pipeE<gt>

Save captured packet to file or send it through pipe.

=item --adb-server-ip=E<lt>IP addressE<gt>

Use other then default (127.0.0.1) ADB daemon's IP address.

=item --adb-server-tcp-port=E<lt>TCP portE<gt>

Use other then default (5037) ADB daemon's TCP port.

=item --logcat-text=E<lt>TRUE or FALSEE<gt>

If TRUE then use text logcat rather then binary. This option has effect only on
Logcat interfaces. This have no effect from Lollipop where is no binary Logcat
available.

Defaults to FALSE.

=item --bt-server-tcp-port=E<lt>TCP portE<gt>

Use other then default Bluetooth server TCP port on Android side.
On Lollipop defaults is 8872, earlier 4330.

=item --bt-forward-socket=E<lt>TRUE or FALSEE<gt>

If TRUE then socket from Android side is forwarded to host side.

Defaults to FALSE.

=item --bt-local-ip=E<lt>IP addressE<gt>

Use other then default (127.0.0.1) IP address on host side for forwarded socket.

=item --bt-local-tcp-port=E<lt>TCP portE<gt>

Specify port to be used on host side for forwarded socket.

=back

=head1 EXAMPLES

To see program arguments:

    androiddump --help

To see program version:

    androiddump --version

To see interfaces:

    androiddump --extcap-interfaces

  Example output:
    interface {display=Android Logcat Main unknown MSM7627A}{value=android-logcat-main-MSM7627A}
    interface {display=Android Logcat System unknown MSM7627A}{value=android-logcat-system-MSM7627A}
    interface {display=Android Logcat Radio unknown MSM7627A}{value=android-logcat-radio-MSM7627A}
    interface {display=Android Logcat Events unknown MSM7627A}{value=android-logcat-events-MSM7627A}
    interface {display=Android Bluetooth Hcidump unknown MSM7627A}{value=android-bluetooth-hcidump-MSM7627A}

    Human-readable display name of interfaces contains interface type, one of:
        android-logcat-main (Android Logcat Main)
        android-logcat-system (Android Logcat System)
        android-logcat-radio (Android Logcat Radio)
        android-logcat-events (Android Logcat Events)
        android-logcat-text-main (Android Logcat Main)
        android-logcat-text-system (Android Logcat System)
        android-logcat-text-radio (Android Logcat Radio)
        android-logcat-text-events (Android Logcat Events)
        android-logcat-text-crash (Android Logcat Crash)
        android-bluetooth-hcidump (Android Bluetooth Hcidump)
        android-bluetooth-external-parser (Android Bluetooth External Parser)
        android-bluetooth-btsnoop-net (Android Bluetooth Btsnoop Net)
        android-wifi-tcpdump (Android WiFi)
    Then Android Device's name if available, otherwise "unknown".
    Last part of it is DeviceID - the identificator of the device provided by Android SDK (see "adb devices").

    For example:
    "Android Logcat Main unknown MSM7627A"

    "Android Logcat Main" - user-friendly type of interface
    "unknown" - name of Android Device
    "MSM7627A" - device ID

To see interface DLTs:

    androiddump --extcap-interface=android-bluetooth-hcidump-MSM7627A --extcap-dlts

  Example output:
    dlt {number=99}{name=BluetoothH4}{display=Bluetooth HCI UART transport layer plus pseudo-header}


To see interface configuration options:

    androiddump --extcap-interface=android-bluetooth-hcidump-MSM7627A --extcap-config

  Example output:
    arg {number=0}{call=--adb-server-ip}{display=ADB Server IP Address}{type=string}{default=127.0.0.1}
    arg {number=1}{call=--adb-server-tcp-port}{display=ADB Server TCP Port}{type=integer}{range=0,65535}{default=5037}


To capture:

    androiddump --extcap-interface=android-bluetooth-hcidump-MSM7627A --fifo=/tmp/bluetooth.pcapng --capture

NOTE: To stop capturing CTRL+C/kill/terminate application.

=head1 SEE ALSO

wireshark(1), tshark(1), dumpcap(1), extcap(4)

=head1 NOTES

B<Androiddump> is part of the B<Wireshark> distribution.  The latest version
of B<Wireshark> can be found at L<https://www.wireshark.org>.

HTML versions of the Wireshark project man pages are available at:
L<https://www.wireshark.org/docs/man-pages>.

=head1 AUTHORS

  Original Author
  -------- ------
  Michal Labedzki             <michal.labedzki[AT]tieto.com>


  Contributors
  ------------
  Roland Knall              <rknall[AT]gmail.com>