Wireshark Learning Notes--how to quickly crawl HTTP packets

Source: Internet
Author: User
Tags http request port number

Reprint Address:

http://blog.csdn.net/xukai871105/article/details/31008635

0. The preface makes it easy to debug the network (crawl HTTP packets) in Firefox and Google Chrome, but it is less convenient to crawl HTTP packets in the 360 series browser (compatibility mode or IE Standard mode). Although Httpanalyzer can also be used, but after all, it is a fee software. Wireshark can also crawl HTTP requests and responses with just the right filtering and operation.     Here's how it's done. Suppose you run an HTTP server on port 8080, in this case using Python flask to run an HTTP service and listen on port 8080 for a simple addition operation, two data is submitted via Ajax on the Web page, such as a=2&b= 3,flask returns a JSON packet after processing, formatted as {"Result": 5}.
1. Set filter Condition "1" http and ip.addr = = 192.168.1.106 and Tcp.port = = 8080 "A" http: Specify network protocol "b" ip.addr = = 192.168.1.106: Specify the server IP address, Please replace it according to the actual situation. "c" tcp.port = = 8080, specify the port number, please replace according to the actual situation.
Figure 1 Filter Condition "2" click Apply click Apply to filter to get two packets, respectively, HTTP request and HTTP response.
Figure 2 HTTP requests and responses
2. View TCP traffic--follow TCP Stream "1" right-click on any packet, select follow TCP stream This step can filter out TCP packets related to the HTTP packet, including TCP 3 handshake, TCP Shard and assembly.
Figure 3 Select Follow TCP Stream "2" eventually get HTTP request and response "a" red background font for HTTP request, blue background font for HTTP response "B" from User-agent can be seen, 360 browser compatibility mode uses the IE8 kernel (the computer operating system is Xp,ie browser version 8), which indicates that 360 browsers use the IE kernel in the system.
Figure 4 HTTP request and response specific content

3. Summing up the use of Wireshark to crawl HTTP packets relative to Firefox or Google Chrome is more complicated, but it can also achieve the final result. These operations are divided into two steps, the first step is to set a reasonable filter, and the second step is to select Follow TCP Stream in any packet.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.