I'm curious as to how I could figure out the API URL an Android application (any app I have installed) uses if it makes API calls to some online server (a RESTful service for example). I presume I have to capture packets on the device and maybe analyse them in Wireshark or something to find the URL? I'm fairly competent in Java/Android development, but a bit lost when it comes to any sort of network analysis business.
Any pointers to useful information or even a brief walk-through would be greatly appreciated.
you can do this with help of wireshark. I am listing steps here
emulator @<AVD name>)
adb install app_file_name.apk
select interface which you want to capture and click start to start capturing. you can see screenshot at http://i.stack.imgur.com/C891Q.png or below
now start using that app so packets will transfer to and fro and wireshark will capture it. you will see details in wireshark like this sreenshot at http://i.stack.imgur.com/9Brdl.png or below
if you have used app covering all sort of activity then you can stop wireshark to capture packets.
now start main business to analyse packets carefully but not all packets are usefull for our job. so lets filter packets which are relevant for you. lets your IP address is 192.168.0.32 then filter all the packets whose IP is this. so filter expression will be
ip.addr==192.168.0.32 apply this filter. still we an apply another filter to list up only relevant packets only so possibly that app is accessing API with HTTP protocol so apply HTTP filter. expression would be
http. you can apply both are filter at once
ip.addr==192.168.0.32 and http press enter to apply. now you will see most relevant packets for you. you can see the screenshot at http://i.stack.imgur.com/rZ6Vu.png or below
see the info carefully for listed packets you will see lot of important details, API keys, cookies etc