Over the last few months, every few weeks there has been an e-mail asking for software that lets users spy on smartphones, or a comment over on our Telegram channel, or even a private message. I’ve always wanted to know why people are looking for these apps, but I have yet to get the balls to ask them.

I digress. This is the closest I could come to spy software: Wireshark. Want to know what your partner who is now always on their phone is up to (with their permission)? If you’re on the same Wi-Fi network, it’s as simple as opening Wireshark and configuring a few settings. You can use the tool to decrypt WPA2 network traffic and see which applications a phone is running in real time.

What is Wireshark?

Wireshark is an open-source network protocol analysis program started by Gerald Combs in 1998. Wireshark is a packet sniffer and analysis tool. It captures network traffic on the local network and stores that data for offline analysis. Wireshark captures network traffic from Ethernet, Bluetooth, Wireless (IEEE 802.11), Token Ring, Frame Relay connections, and more.

Ed. Note: A “packet” is a single message from any network protocol (e.g., TCP, DNS, etc.)

Ed. Note 2: LAN traffic is in broadcast mode, meaning a single computer with Wireshark can see traffic between two other computers. If you want to see traffic to an external site, you need to capture the packets on the local computer. 

Wireshark allows you to filter the log either before the capture starts or during analysis, so you can narrow down and zero in on what you are looking for in the network trace. For example, you can set a filter to see TCP traffic between two IP addresses. You can also set it to show only the packets sent from one computer. The filters in Wireshark are one of the primary reasons it became the standard tool for packet analysis.
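The two filters just described, written out over a small constructed capture so you can see what they select. This is an added example, not part of the original post: the addresses, function names and sample frames are made up, and the matching Wireshark display filters are given in the docstrings.

```python
import socket
import struct

def build_frame(src, dst, proto, sport, dport):
    """Constructed sample frame: Ethernet + IPv4 + 20 bytes of TCP/UDP (ports set, rest zero)."""
    eth = b"\x02" * 6 + b"\x04" * 6 + b"\x08\x00"        # dst MAC, src MAC, EtherType IPv4
    l4 = struct.pack("!HH", sport, dport) + b"\x00" * 16
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))  # checksum left at 0
    return eth + ip + l4

def build_pcap(frames):
    """Classic pcap: 24-byte global header, then a 16-byte record header per frame."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # link type 1 = Ethernet
    for i, f in enumerate(frames):
        out += struct.pack("<IIII", 1700000000 + i, 0, len(f), len(f)) + f
    return out

def parse_pcap(data):
    """Yield (src, dst, proto, sport, dport) for every IPv4 frame in a little-endian pcap."""
    if struct.unpack_from("<I", data, 0)[0] != 0xA1B2C3D4:
        raise ValueError("not a little-endian classic pcap")
    off = 24
    while off + 16 <= len(data):
        caplen = struct.unpack_from("<I", data, off + 8)[0]
        frame, off = data[off + 16: off + 16 + caplen], off + 16 + caplen
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue                                      # truncated or not IPv4
        ihl, proto = (frame[14] & 0x0F) * 4, frame[23]    # IP header length, protocol number
        ports = frame[14 + ihl: 14 + ihl + 4]             # 6 = TCP, 17 = UDP carry ports here
        sport, dport = struct.unpack("!HH", ports) if proto in (6, 17) and len(ports) == 4 else (0, 0)
        yield socket.inet_ntoa(frame[26:30]), socket.inet_ntoa(frame[30:34]), proto, sport, dport

def tcp_between(pkts, a, b):
    """Same selection as the display filter: tcp && ip.addr == a && ip.addr == b"""
    return [p for p in pkts if p[2] == 6 and {p[0], p[1]} == {a, b}]

def sent_from(pkts, a):
    """Same selection as the display filter: ip.src == a"""
    return [p for p in pkts if p[0] == a]

# Constructed sample capture (addresses are made up for the example).
SAMPLE = build_pcap([
    build_frame("192.168.1.20", "192.168.1.1", 17, 50000, 53),   # UDP, DNS query
    build_frame("192.168.1.20", "192.168.1.30", 6, 50001, 443),  # TCP
    build_frame("192.168.1.30", "192.168.1.20", 6, 443, 50001),  # TCP reply
    build_frame("192.168.1.40", "192.168.1.30", 6, 50002, 443),  # TCP from another host
])
PACKETS = list(parse_pcap(SAMPLE))
```

`tcp_between(PACKETS, "192.168.1.20", "192.168.1.30")` keeps both directions of the one TCP conversation and drops the DNS query and the other host's traffic; `sent_from` keeps everything a single host sent, whatever the protocol.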

Wireshark developers say the software is absolutely safe to use. Government agencies, corporations, non-profits, and educational institutions use Wireshark for troubleshooting and teaching purposes. There isn’t a better way to learn networking than to look at the traffic under the Wireshark microscope.

There are questions about the legality of Wireshark since it is a powerful packet sniffer. The Light Side of the Force says that you should only use Wireshark on networks where you have permission to inspect network packets. Using Wireshark to look at packets without permission is a path to the Dark Side.

Downloading and installing Wireshark is easy. Step one is to check the official Wireshark Download page for the operating system you need. The basic version of Wireshark is free.

You can learn how to use Wireshark to spy on smartphone traffic on the same Wi-Fi network here.

