Packet Capture on iOS Device

Found this tweet and wanted to test it and record it for future reference.


I envision the most useful aspect is to troubleshoot secure paging to personal devices in medical verticals. For example: a hospital system has an issue with secure paging being delayed. Where is the delay? Or is the transmission simply not being transmitted to the iOS device?

To obtain the UDID:

  1. Connect iOS device via USB to Mac
  2. Open up iTunes
  3. Click the Serial Number Field on the Device Summary screen
  4. UDID will be displayed



Start rvictl -s <UDID>:

m85077:~ wsmith3$ rvictl -s 2691c94e0ddf253525630d9ba382f5937a196b6f
Starting device 2691c94e0ddf253525630d9ba382f5937a196b6f [SUCCEEDED] with interface rvi0


m85077:~ wsmith3$ sudo tcpdump|wireshark -i rvi0
tcpdump: data link type PKTAP
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on pktap, link-type PKTAP (Packet Tap), capture size 262144 bytes
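
The same steps as a repeatable script that saves the capture to a pcap file for Wireshark. This is an added example, not part of the original post; the function names and default output file name are assumptions, and it uses rvictl -x (stop the interface) and tcpdump -w (write to file), which do not appear in the session above.

```shell
#!/bin/sh
# Added example: capture iOS traffic over the Remote Virtual Interface to a pcap.
# Function names and the default output file are assumptions, not from the post.

# Accept only hex digits and hyphens so the UDID is safe to pass to rvictl.
valid_udid() {
  case "$1" in
    ""|*[!0-9A-Fa-f-]*) return 1 ;;
  esac
  return 0
}

# Print the interface name from `rvictl -s` output; fail unless it SUCCEEDED.
rvi_iface() {
  name=$(printf '%s\n' "$1" |
    sed -n 's/.*\[SUCCEEDED] with interface \(rvi[0-9][0-9]*\).*/\1/p')
  [ -n "$name" ] && printf '%s\n' "$name"
}

# Usage: capture_ios <UDID> [output.pcap]
capture_ios() {
  udid=$1
  out=${2:-ios-capture.pcap}
  valid_udid "$udid" || { echo "invalid UDID: $udid" >&2; return 2; }

  start_out=$(rvictl -s "$udid") || { echo "$start_out" >&2; return 1; }
  iface=$(rvi_iface "$start_out") || { echo "$start_out" >&2; return 1; }

  echo "Capturing on $iface to $out (Ctrl-C to stop)" >&2
  trap : INT                      # survive Ctrl-C so cleanup below still runs
  sudo tcpdump -i "$iface" -w "$out"
  trap - INT

  rvictl -x "$udid" >&2           # remove the virtual interface again
  echo "Open $out in Wireshark to inspect the capture" >&2
}

# Run only when arguments are given, e.g.: sh ios-capture.sh <UDID> paging.pcap
if [ "$#" -gt 0 ]; then
  capture_ios "$@"
fi
```
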

