Reset Search
 

 

Article

KB44358 - Obtain or record a packet capture (tcpdump) from an iOS device

« Go Back

Information

 
Last Modified Date2/9/2020 4:06 PM
Synopsis
This article provides instructions to obtain or record a packet capture (tcpdump) from an iOS device.
Problem or Goal
Under some circumstances, a packet capture from an iOS device can be helpful to understand problem, but there is no app that will let you record a packet capture directly on the device.
Cause
Solution

Requirements:

  1. Macbook with Xcode installed
  2. Lighting cable to connect iPhone to Macbook
  3. Wireshark


Instructions:

  1. Make sure Macbook has the latest Xcode version installed
  2. Connect iPhone to Macbook with the lighting cable
  3. From the Macbook, open Xcode app
  4. From the top menu, select Window > Devices and Simulators
  5. From the left pane, select the iPhone device
User-added image
  1. In the right pane, find the identifier of iPhone and copy to clipboard
  2. Open a terminal window and navigate to /Library/Apple/usr/bin
  3. Execute the following command:
./rvictl -s <identifier of iPhone>

Starting device XXXXX [SUCCEEDED] with interface rvi0
  1. Open Wireshark.
  2. Under Capture menu, locate and double click the rvi interface.  In this example, it is rvi0.
User-added image
  1. Replicate the issue and save the tcpdump
  2. Once completed, make sure to remove the rvi interface by running the following command:
./rvictl -x <identifier of iPhone>

Stopping device XXXX [SUCCEEDED]
Related Links
Attachment 1 
Created ByK. Kitajima

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255