1、夜神模拟器连接不上adb
D:1手机木马取证android-sdk新建文件夹platform-tools>adb devices
List of devices attached
adb server version <36> doesn't match this client <39>; killing...
* daemon started successfully
提示:adb服务版本和客户端版本不同,被杀死。我分别查看了一下platform-tools和夜神里面adb的版本
解决:
将夜神模拟器中的adb.exe替换成platform-tools中的adb.exe,platform-tools中的adb.exe重命名nox_adb.exe后再复制到夜神模拟器bin下,重启夜神模拟器和adb。
再输入 adb devices 就能够看到夜神的设备
2、出现 /system/bin/sh: push :not found
解决:导致原因是adb环境变量配置有问题,不进入 adb shell ,直接在Windows命令行输入 adb push tcpdump文件路径 放入路径
D:1手机木马取证android-sdk新建文件夹platform-tools>adb push tcpdump /data/local/tmp/tcpdump
3、出现 Is a directory
解决:正确输入是 /sdcard/
D:1手机木马取证android-sdk新建文件夹platform-tools>adb push E: cpdump cpdump /sdcard/
4、出现 /system/bin/sh: tcpdump:can't execute:Permission denied
chmod 6755 /system/bin/tcpdump
5、出现 /system/bin/sh:tcpdump:not found
解决:将tcpdumppush到手机/system/bin/路径下
6、出现 failed to copy 'tcpdump' to '/system/bin/tcpdump': read-only file system
mount -o rw,remount /system
7、使用adb+tcpdump抓取Android手机数据包
用tcpdump开始抓包adb shell tcpdump -i any -p -s 0 -w /sdcard/capture.pcap
将流量包取出到platform-toolsw文件里
adb pull /sdcard/capture.pcap