Due to a subtle change in Android 10, the ContentResolver default mode
does not truncate files anymore, which causes corrupt PCAP files to be
generated when overwriting an existing file with greater size.
Issue: https://issuetracker.google.com/issues/180526528
The connection was serialized before starting the ConnectionDetailsActivity,
which sometimes caused a ConcurrentModificationException. Serialization
was not necessary and has been removed.
- 3 modes: no payload, minimal payload (save memory), full payload
- Display payload as hexdump
- Display HTTP requests and responses as string
- Show decrypted HTTPS (requires mitm addon)
- Decode chunked encoding and gzip body
- Show websockets messages (only with TLS decryption enabled)
- An icon indicates the connections decryption status
- Easily copy the HTTP request/response from the context menu
See #107
When the TLS decryption is enabled, it's now possible to export the
SSLKEYLOGFILE to decrypt the PCAP file in Wireshark. The export only
works when the capture is running.
When stopping the service, only stopForeground was called, but not
stopSelf. If the process was destroyed (e.g. by swiping the app
from the recent apps), in some cases it would be restarted due to
START_STICKY, causing ForegroundServiceStartNotAllowedException in
Android 12.
Fixes#175
The pcapdroid_mitm.py plugin allows PCAPdroid to receive the decrypted data from
mitmproxy and display it into the GUI (currently limited to the HTTP request)
When a client stopped the PCAP download, the isCloseConnection did not
detect the close. As a result, the PCAP dump would still be enqueued to
the ChunkedInputStream, causing the memory allocation to raise and never
be free.
Since NanoHTTPD does not seem to provide a way to detect connection close
and since it is not actively maintained, the HTTP server has been
replaced with an ad-hoc implementation which provides the minimal
features PCAPdroid needs to export the PCAP over HTTP.
PCAP dump is now performed into a separate thread. This greatly reduces
the chance for packet loss in root mode as well as preventing latency
spikes in VPN mode.
When no file manager was available, takePersistableUriPermission
was called without an Intent (and the corresponding
FLAG_GRANT_PERSISTABLE_URI_PERMISSION flag), causing a
SecurityException.
Fixes#176