1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Intercepting XMPP traffic from an Android app

Discussion in 'Programming' started by xpro, Oct 29, 2016.

  1. xpro

    xpro Regular Member

    Joined:
    Jan 21, 2009
    Messages:
    426
    Likes Received:
    22
    Intercepting http/s is straight forward as there are many tools out there for it (Fiddler, Charles, Burp, etc)

    But I can not figure out a way to intercept XMPP traffic from an Android app. Is there anyway to do this?
     
  2. tasburrfoot

    tasburrfoot Regular Member

    Joined:
    Dec 16, 2008
    Messages:
    323
    Likes Received:
    152
    Burp suite can do this.

    you are trying to intercept on the network I assume?

    I'll dig up some reference reading for you.
     
  3. tasburrfoot

    tasburrfoot Regular Member

    Joined:
    Dec 16, 2008
    Messages:
    323
    Likes Received:
    152
    Or you could just setup wireshark, filter out all devices except the one you're targetting, and then apply a protocol filter specifically for xampp
     
  4. webwhizz

    webwhizz BANNED BANNED

    Joined:
    Apr 3, 2011
    Messages:
    724
    Likes Received:
    659
    stick with fiddler, you can doit i know Diamond Damien , oxon beef, real address using that method. they left too many clues on here.
     
    Last edited: Oct 30, 2016
  5. xpro

    xpro Regular Member

    Joined:
    Jan 21, 2009
    Messages:
    426
    Likes Received:
    22
    Fiddler is for HTTP only, it does not capture XMPP
     
  6. xpro

    xpro Regular Member

    Joined:
    Jan 21, 2009
    Messages:
    426
    Likes Received:
    22
    Burp is also for HTTP only. It does not capture XMPP
     
  7. Gary Carlyle

    Gary Carlyle Regular Member

    Joined:
    Aug 27, 2010
    Messages:
    249
    Likes Received:
    45
    Home Page:
    Following.

    Sniffing data is my world, =)
     
  8. tasburrfoot

    tasburrfoot Regular Member

    Joined:
    Dec 16, 2008
    Messages:
    323
    Likes Received:
    152
    As I mentioned above, wireshark will get the job done.

    Also Burp WILL work - if you're a hacker you WILL figure shit out, it's what you do.
    https://github.com/summitt/Burp-Non-HTTP-Extension - havent used it personally, but I can't see why it wouldn't.

    Also, you could use SSLSplit.

    I mean, just google "MITM XMPP" and you'll find a crap ton of GIT-Repo's such as https://github.com/iamultra/xmppmitm and a shitload of other resources. By the amount of, and availability of, resources out there I'm starting to think you didn't even bother looking yourself before making this thread.
     
  9. Gakbar

    Gakbar Newbie

    Joined:
    Sep 12, 2017
    Messages:
    1
    Likes Received:
    0
    Gender:
    Male
    Hi

    Need some help on whats app incoming call, need to track the location/identity or source of this incoming call?
    Can u advise