分享一个用于服务器抓包 HTTP 的工具,比 tcpdump+wireshark 更方便
kingddc314 · six-ddc · 2017-02-26 10:58:23 +08:00 · 7474 次点击这是一个创建于 2819 天前的主题,其中的信息可能已经有所发展或是发生改变。
经常有需要在服务器抓 HTTP 包看接口情况,配合 tcpdump 和 wireshark 分析,感觉很麻烦,于是写了一个抓包工具
Github: https://github.com/six-ddc/httpflow
效果如下,欢迎大家提意见:
 |
1
lxrmido 2017-02-26 11:06:41 +08:00
已 star ……
|
 |
2
TangMonk 2017-02-26 11:23:40 +08:00
不错!
|
 |
3
MinonHeart 2017-02-26 12:46:55 +08:00 via iPhone
和 curl 有什么区别么
看起来就是 curl |
 |
4
Muninn 2017-02-26 13:03:45 +08:00 via Android
@MinonHeart 十万八千里
|
 |
5
KCheshireCat 2017-02-26 13:14:37 +08:00
按实际功能来说不是应该跟 Fiddler 类似的工具比较么,虽然 Fiddler 是 win 平台的。
|
 |
6
kindjeff 2017-02-26 13:16:55 +08:00
@KCheshireCat fiddler 有个基于 mono 的 linux 版本,就是偶尔会卡。
|
 |
7
ctsed 2017-02-26 13:18:28 +08:00 via Android
有保存功能吗 在 fiddler chrome 等工具查看更方便一些
|
 |
8
webjin1 2017-02-26 13:23:22 +08:00
协议分析呢?
|
 |
9
kingddc314 OP @ctsed 可以保存呢, http_dump -w ./out ,按 Host 分文件夹保存
|
 |
10
slixurd 2017-02-26 14:08:03 +08:00
大概楼主想要的是这个效果?
➜ ~ curl -D - v2ex.com HTTP/1.1 301 Moved Permanently Server: nginx/1.11.6 Date: Sun, 26 Feb 2017 06:02:14 GMT Content-Type: text/html Content-Length: 185 Connection: keep-alive Location: https://v2ex.com/ X-ORCA-Accelerator: from 093.chn.fuo01.cn.krill.c3edge.net <html> <head><title>301 Moved Permanently</title></head> <body bgcolor="white"> <center><h1>301 Moved Permanently</h1></center> <hr><center>nginx/1.11.6</center> </body> </html> ➜ ~ curl -iv --raw https://v2ex.com * Rebuilt URL to: https://v2ex.com/ * Trying 14.152.44.135... * TCP_NODELAY set * Connected to v2ex.com (14.152.44.135) port 443 (#0) * TLS 1.2 connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 * Server certificate: *.v2ex.com * Server certificate: TrustAsia DV SSL CA - G5 * Server certificate: VeriSign Class 3 Public Primary Certification Authority - G5 > GET / HTTP/1.1 > Host: v2ex.com > User-Agent: curl/7.51.0 > Accept: */* > < HTTP/1.1 301 Moved Permanently HTTP/1.1 301 Moved Permanently < Server: nginx/1.11.6 Server: nginx/1.11.6 < Date: Sun, 26 Feb 2017 06:02:40 GMT Date: Sun, 26 Feb 2017 06:02:40 GMT < Content-Type: text/html Content-Type: text/html < Content-Length: 185 Content-Length: 185 < Connection: keep-alive Connection: keep-alive < Location: https://www.v2ex.com/ Location: https://www.v2ex.com/ < Strict-Transport-Security: max-age=10886400; includeSubDomains; preload Strict-Transport-Security: max-age=10886400; includeSubDomains; preload < X-ORCA-Accelerator: from 093.chn.fuo01.cn.krill.c3edge.net X-ORCA-Accelerator: from 093.chn.fuo01.cn.krill.c3edge.net < <html> <head><title>301 Moved Permanently</title></head> <body bgcolor="white"> <center><h1>301 Moved Permanently</h1></center> <hr><center>nginx/1.11.6</center> </body> </html> * Curl_http_done: called premature == 0 * Connection #0 to host v2ex.com left intact |
 |
11
unsec 2017-02-26 14:30:59 +08:00
|
 |
12
tony1016 2017-02-26 15:03:17 +08:00
可以看看 bettercap
|
 |
13
linhua 2017-02-26 15:47:43 +08:00  1
tcpdump 和 wireshark 配合很方便呀
ssh root@HOST tcpdump -U -s0 -w - 'not port 22' | "D:\Program Files\Wireshark\Wireshark.exe" -k -i - http://www.commandlinefu.com/commands/view/4373/analyze-traffic-remotely-over-ssh-w-wireshark |
 |
14
Lax 2017-02-26 16:58:42 +08:00 via iPad
compress 和 https 支持怎么样?
|
|
15
kingddc314 OP @Lax 支持 gzip ,不支持 https ,这种不用代理的抓包对 https 似乎无解
|
|
16
TangMonk 2017-02-27 09:19:57 +08:00
二进制文件怎么处理好。。
 |
|
17
kingddc314 OP |
|
18
TangMonk 2017-02-27 11:28:24 +08:00
|
 |
19
anyforever 2017-02-27 14:59:17 +08:00
想问下楼主怎么实现在右屏输入,在左屏响应的?
|
|
20
anyforever 2017-02-27 15:00:26 +08:00
另外,这个是不是你想要的? https://github.com/jkbrzt/httpie
|
 |
21
huangmingyou 2017-02-27 17:09:45 +08:00
少年,你用过 tcpick 吗
|
|
22
kingddc314 OP @huangmingyou 原来有这个工具,不错可以借鉴一下,另外他这个好像不支持 gzip 解压
|
|
23
kingddc314 OP 1
@TangMonk 二进制显示问题已经加上了,暂时直接做忽略处理
|
 |
24
antowa 2017-03-01 09:42:17 +08:00
感觉可以借鉴下。不过我一直用 chrome inspect (逃)
|
Select Language