What is Reddit's opinion of
tPacketCapture?
From 3.5 billion Reddit comments
Popularity Score: 29
This app was mentioned in 37 comments, with an average of 2.95 upvotes
Best Comments
Well, only if you lack the basic level of technical competence necessary to packet sniff your home network, in which case you're probably not too informed on crypto tech either. If the app claims to be fully serverless it will be obvious if it is not.
Edit: Use this app or any of the other similar options. For a community that crows about normies who can't understand crypto tech, the concept of reading your own network traffic certainly seems exotic here.
Edit: Regardless, I still suggest not entering your wallet credentials into this application unless it is open sourced by /u/lriccardo and/or otherwise audited by the community, or until /u/lriccardo has it audited for security by a trusted third party. See the smart folks below explaining why you're still at risk.
You can run Maplestory M with a packet capture app while disconnected from your campus internet and then use a software like Wireshark to examine the contents.
The port numbers should be in there somewhere.
To those willing to use this on your Android phone:
Install tPacketCapture https://play.google.com/store/apps/details?id=jp.co.taosoftware.android.packetcapture
Load it
Open FFRK and do something (change a menu)
Quit the VPN connexion (notification bar)
Open tPacketCapture again to find where the file containing the data is saved
Copy that file to a PC with WireShark installed
Open it with WireShack
Search for "http_session_sid" (ctrl+F) on the packet detail
Profit
Edit:
- Or instead of opening it with WireShack on a PC, open the file with a text editor on your phone and find "http_session_sid". It will be easier if the said editor have a "find text" option. Google app "Docs" have it.
tPacketCapture can sometimes also be helpful. https://play.google.com/store/apps/details?id=jp.co.taosoftware.android.packetcapture There is also a pro version that allows you to filter it by app.
This might be another alternative, but haven't used it yet. https://play.google.com/store/apps/details?id=app.greyshirts.sslcapture
edit: just tried the second "Packet Capture" and at least in the free version it's pretty nice for a free app. If you want it also install a certificate to decrypt the ssl.
I would be very interested if somebody has a phone that allows HCI (snoop) logging in the debugging settings to make a log for me. One of normal usage and one with the firmware update.
This might help modifying the firmware.
EDIT: And optimally a network log too (https://play.google.com/store/apps/details?id=jp.co.taosoftware.android.packetcapture) before starting the update. I'll try to do this too.
EDIT2: For me the update is not yet available, I managed to get HCI logs but TCP logs won't be of much use as the most interresting transmissions are https.
EDIT3: So i poked a little bit and it seems that the "Check for updates" button for the watch does nothing. I can't be sure but I tried mitmproxy and changing the requests in the apk to http so I can record everything with tPacketCapture. If this is true and I didn't overlook something the watch update will require a Health Mate update. Also if their http header is correct they seem to host their static content on a Beaglebone Black.
Packet capture, on Android: https://play.google.com/store/apps/details?id=jp.co.taosoftware.android.packetcapture then opening the .pcap file in Wireshark on computer because this app doesn't have a browsing feature.
1st qual:
2nd that just ended has not yet appreared, but if you look at the url you might guess it (the _1rst_ part)
Probably not the proper/easiest method, I just used a packetsniffer. Capture, click event button, end capture. Then you just need to look in the pcap file for a GET to m.mercury.com2us.com/mercury_new/event/1234/normal.
You can do all this on an unrooted android phone with tPacketCapture and shark reader, or on emulators running on PC with wireshark.
I'll just offer advice: There are much better ways to reverse engineer software if you want to understand or clone it than taking a photo of it and asking reddit.
Let me suggest a debugger or network traffic sniffing.
I use : https://play.google.com/store/apps/details?id=jp.co.taosoftware.android.packetcapture
Then I upload to Swarfarm.
Then I download from swarfarm.
Then I got my file for swop without a computer.
I used an app called tpacketcapture.
first open the app and start a capture session, while this is running open ffrk, you have to click the play button (and the OK button if you are in a battle) this will log the session id.
now tap on the notification to end the capture session.
back inside tpacketcapture tap on the file list menu. here it will tell you the name and location of any pcap files that you have made. Copy this new file to your computer, if you long press the file you can actually email it to yourself which is an easy cable free option to get it onto your pc.
now open the file with notepad.
use ctrl+f to search for 'cookie'.
i've done this twice now and for both files you should find what you are looking for at the second instance of 'cookie'
it should look something like this:
Content-Length: 463
Content-Type: application/x-www-form-urlencoded
Host: ffrk.denagames.com
Connection: Keep-Alive
User-Agent: android-async-http/1.4.1 (http: //loopj.com/android-async-http)
Cookie: http_session_sid=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
(64 characters)
now just copy and paste that into codyswann's app.
let me know if that works for you!
one interesting thing to note is that in my two separate files it generated two different session id's and both of them continue to work for previewing my drops.
Wireshark just shows the logs, you use a separate capture app such as this https://play.google.com/store/apps/details?id=jp.co.taosoftware.android.packetcapture&hl=en, which acts as a proxy server that all traffic goes through, saving a copy of everything to a file. You'd then send that file to a PC , open it up in wireshark, look for the start of the connection and try to spot a URL.
Check with wireshark if any other communication is going on (beside json data). If not, make sure curl sends the exact same header as the android app (cookies, useragent, ...).
To easily capture traffic on android you can simply use the app tpacketcapture [0]. It creates a vpn connection. All communication is then routed through the vpn connection and recorded to a pcap file. Wireshark can open the file so you can analyze it.
[0] https://play.google.com/store/apps/details?id=jp.co.taosoftware.android.packetcapture&hl=en
For iOS I don't know, but in non-rooted Android you can use this. It sets up a fake VPN and saves all network traffic into a PCAP file which you can then move to computer and open in Wireshark.
But if you look at the urls... it may be that for e.g. Spa only thing that needs to be changed is the circuit name part so guesswork might be easier.
I bet they will eventually add encryption to these, just like they did for the live streams last year.
I did the traffic monitoring on a rooted android device once but I don't remember the app's name. If you don't have root then could give an app that doesn't require root a try.
Example: https://play.google.com/store/apps/details?id=jp.co.taosoftware.android.packetcapture
You should be able to to save a .pcap file which you can analyze with wireshark on your computer.
Thank you, I'll check that out. Theoretically I can capture the packets with this, I think it worked once. But if you have a better app (or a command to be used in a terminal (root is available)) please tell me.
Doesn't they have a better solution at throttling the connection? Or why do they use that technique?
If you can't setup a home proxy you have two options:
- Swex (https://swex.swop.one/): Web proxy ready to use. They charge for it but is only $3 a month. I use this one a lot
- Use some software to capture your network data in pcap format and import on swop. I already did that way and I used this app (android): https://play.google.com/store/apps/details?id=jp.co.taosoftware.android.packetcapture&hl=en
You can try tPacketCapture (assuming Android), since most devices support Android's VPN pretty widely now.
https://play.google.com/store/apps/details?id=jp.co.taosoftware.android.packetcapture
Otherwise setup a MITM / proxy for the device and capture all traffic that way
https://play.google.com/store/apps/details?id=jp.co.taosoftware.android.packetcapture
This outputs .pcap files (altough without file extension iirc, so just rename it) so can be then viewed in Wireshark.
https://play.google.com/store/apps/details?id=app.greyshirts.sslcapture
This one has only a built-in viewer, iirc.
Both use "fake VPN" way so neither require root. This also means they're pretty unreliable sometimes and sometimes do not work with all apps (?).
Your friend can use an app which captures networks packets, PCAP,
upload them to swarfarm, after the process, download JSON with import function.
With this, he can use SWOP.
PCAP Capture for android: https://play.google.com/store/apps/details?id=jp.co.taosoftware.android.packetcapture
the down side to the packet capture app is that it saves all the packet data as what appear to be the equivalent of a jpeg which makes searching through the text a pain. i used tpacketcapture to make a proper pcap file with which you can copy to your pc and open it with notepad and use the ctrl+f function to find your session id.
I know that TCPDump requires root on Android which is what I would have suggested. TPacketCapture was suggested as an alternative on stack exchange, no experience with using it though : https://play.google.com/store/apps/details?id=jp.co.taosoftware.android.packetcapture
On Android (no idea about iOS): use this, start capture, open the WEC app and stream, stop capture, then save the .pcap file, open it in Wireshark (desktop) and Ctrl+F.
If rooted Android then there are better ways.
> Though by the looks of it you can just replace 'silverstone' in the link with 'spa' or something similar when the replays are released.
That is likely.
https://www.youtube.com/watch?v=fimW1n5PSX0 https://play.google.com/store/apps/details?id=jp.co.taosoftware.android.packetcapture This can be used to get the pcap file you need in a different way, you'll have to get it off your phone afterward though by plugging it into usb and doing a search for "pcap" in the phone's directory, or I believe the app lets you email the file to yourself.
Not sure what's causing your problem.
I would be curious to use something like this (https://play.google.com/store/apps/details?id=jp.co.taosoftware.android.packetcapture&hl=en) to see what traffic was captured.
Chances are it will be SSL traffic anyway, but you will be able to see hosts being contacted. Or with more sophisticated tools, you can MITM-decrypt it and see what's really going on.
I use tPacketCapture to capture data packets. Once finished capturing, it'll be saved as a PCAP file that can be opened using Wireshark for PC/Mac.
If you have an Android device, tPacketCapture is awesome for this kinda stuff (I used Wireshark to view the pcap it produced).
My attempt at more specific instructions for those who need them:
Grab the SWParser v0.94 release and extract it: https://github.com/kakaroto/SWParser/releases/tag/0.94
Run the SWProxy.exe executable file in the folder
Note that in the SWProxy window it will show you an IP and Port, you'll need to plug those into your main wifi network. To do this, [android specific instructions] go to where it lists the wifi connections either by holding down your finger on the wifi button or just by going to the wifi settings screen. Once you're there, hold down on your main wifi network and press "Modify Network" (or something similar). Press "Show advanced options", set your proxy settings dropdown to "Manual", then scroll down a bit and set your port to what it says in the SWProxy.exe window FIRST, then you put the IP it gives you in SWProxy.exe into the hostname box on your phone and save it. (leave SWProxy.exe open on your computer)
Launch Summoner's War (close it first if it was already open) and wait until the SWProxy program says that the rune data has been generated, at that point you will find a file in the SWParser folder that ends with "optimizer.json", open that file with Notepad or wordpad or whatever and copy the contents of the file (Ctrl+A to select all, Ctrl+C to copy)
Then go to the rune optimizer webapp, currently https://b7e2310d2b970be56f8b12314a4ade9bfc3d620b-www.googledrive.com/host/0B-GpYLz2ELqgfjdzTURIVFJVcGdlbW8xLWlyQTJKVWs5V0xrZHYyWGlYTFZnMElFX09RVmc/
Paste in the data and press Import
Then you're done with that part, now you've gotta optimize your runes, if you plan to rearrange your runes completely and strip monsters, be sure to uncheck "Use only runes from inventory" in the Optimizer, or it won't show the ones on your monsters.
Another tip, when you generate a build you like with the optimizer (which you then open up into its own specific build tab by clicking the link on the left side of where the stats show up), you should press "Lock runes" to prevent those same runes from showing up in future builds you generate.
???
Profit (or donate to the guy)
Edit: If you have some strange problem that you can't seem to solve with the PC proxy program, try this instead:
https://www.youtube.com/watch?v=fimW1n5PSX0 https://play.google.com/store/apps/details?id=jp.co.taosoftware.android.packetcapture
This can be used to get the pcap file you need in a different way, you'll have to get it off your phone afterward though by plugging it into usb and doing a search for "pcap" on the phone.
Just launch the app, start it's capturing, and launch SW normally until it says touch to start, then grab the pcap file.
Consumer drones like the DJIs just use wifi, you could just use a packet trace app on an android phone to see the traffic https://play.google.com/store/apps/details?id=jp.co.taosoftware.android.packetcapture&hl=en. (or just study their control SDKs https://github.com/dji-sdk )
Here's a talk poking and probing those drones https://www.youtube.com/watch?v=5CzURm7OpAA
Professional drones are more likely to need/want an SDR because they use more long range radio protocols https://www.youtube.com/watch?v=JRVb-xE1zTI https://www.blackhat.com/docs/asia-16/materials/asia-16-Rodday-Hacking-A-Professional-Drone.pdf
So the way I do it you're going to need two programs installed, one on your phone and one on your computer.
tPacketCapture: to record the data your phone sends out.
Wireshark: to read the file that tPacketCapture saves.
Shut off all your apps and open tPacketCapture. Press the "Capture" button (http://imgur.com/3U1QRHH) and your phone will connect to a VPN and start recording all data packets. Once you start recording, open FFRK and do stuff in it that requires loading such as entering an Event.
Bring up your phone's notifications and turn off tPacketCapture by tapping on it here (http://imgur.com/ct2OVPg) and choosing Disconnect. This saves a file onto your phone that you can find here (http://imgur.com/n7tfxbA); open it with Wireshark.
Once the file is opened on Wireshark, press Ctrl+F and search for: http_session_sid
There's going to be two drop-down selections that you're going to need to change. Change "Packet List" to "Packet Details"; change "Display filter" to "String" (or "Regular Expression").
It should look like this: http://imgur.com/vlSvQfH
The highlighted line will have your session_sid, Ctrl+C to copy the line, and paste it anywhere so you can isolate everything after "_sid=" to enter it on https://ffrkreeper.com/ like so: http://imgur.com/EXeHfHE ; and the website will track your drops for you.
Literally all of the work is finding that god damn session_sid, then copy-pasting it into ffrkreeper.
tPacketCapture seems safer, but require more works (in using WireShack to read the file created).
https://play.google.com/store/apps/details?id=jp.co.taosoftware.android.packetcapture
Network monitoring / packet sniffing while using the app. On non-rooted Android I have to use this (saves .pcap file which you can open in desktop Wireshark, doesn't seem to always work properly) or this (can be viewed directly in the app but no copy-paste, saves plain text file). iOS: probably not possible without jailbreak.
The previous link contains all of LM24, Spa links here (Silverstone links are gone):
You could try tpacketcapture for android (https://play.google.com/store/apps/details?id=jp.co.taosoftware.android.packetcapture&hl=en)
Pake ini https://play.google.com/store/apps/details?id=jp.co.taosoftware.android.packetcapture&hl=en sama aja sih, beda metode.
Use tPacketCapture instead
The same way as other optimizers.. Get json file with your summons data using one of these ways:
- SWProxy
- using some pcap capture on your device (tPacketCapture) and you make json file here: SWARFARM - you have to import pcap file firstly and then export in rune optimizer format (not win10 format).
And then load it to the app and find bets rune sets for your summons.. Better to read help first.. Or as advice fill as much as you can at the bottom, and fill at least 1 filter to prevent situation with lack of memory on your computer because too much combinations will be generated.
well, have all very calculated. My cycle right now is I can farm it at 7-11-2-5 o clock. So at 7 I deplete stamina for 3 drops before starting work. then at lunchtime once, then at home 4 more times. So I never need to farm in traffic or when not at home (and when I cant, like Im out or something, I just do dailies too.)
Kreeper is not nearly as hard to it. I tried fiddler and for whatever reason I never got it to work, so when this came I tried and it works great.
Just need to install tpacketcapture, open it and set it to capture (pressing a button), open ffrk and change a menu. After that, you go to tcapture for the file it created, you send it to dropbox, read it with notepad++ (which I already used anyway,) find the session_id thingy, copy to ffrkreeper and voila!