Wireshark数据包分析之HTTP协议包解读

企业开发 2018-06-06 06:12:14 阅读次数: 2

*此篇博客仅作为个人笔记和学习参考

GET方法的数据包分析

Wireshark数据包分析之HTTP协议包解读

Hypertext Transfer Protocol
GET / HTTP/1.1\r\n #请求行信息#
[Expert Info (Chat/Sequence): GET / HTTP/1.1\r\n] #专家信息#
Request Method: GET #请求的方法#
Request URI: / #请求的URI#
Request Version: HTTP/1.1 #请求的版本#
Host: www.boomgg.cn\r\n #请求主机#
Connection: keep-alive\r\n #使用持久链接#
Upgrade-Insecure-Requests: 1\r\n #升级不安全请求#
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36\r\n #浏览器类型#
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/;q=0.8\r\n #请求的类型#
Accept-Encoding: gzip, deflate, sdch\r\n #请求的编码格式#
Accept-Language: zh-CN,zh;q=0.8\r\n #请求语言#
Cookie: CNZZDATA155540=cnzz_eid%3D2093723420-1483596271-%26ntime%3D1483596271\r\n #Cookie信息#
Cookie pair: CNZZDATA155540=cnzz_eid%3D2093723420-1483596271-%26ntime%3D1483596271\r\n #Cookie对#
[Full request URI: http://www.boomgg.cn/] #请求的URI全称#
[HTTP request 1/3] #HTTP请求进度#
[Response in frame: 12] #响应帧#
[Next request in frame: 15] #下一个请求帧#

Wireshark数据包分析之HTTP协议包解读

Hypertext Transfer Protocol
HTTP/1.1 200 OK\r\n #响应行信息#
[Expert Info (Chat/Sequence): HTTP/1.1 200 OK\r\n] #专家信息#
Request Version: HTTP/1.1 #请求版本#
Status Code: 200 #状态码#
Response Phrase: OK #响应短语#
Date: Tue, 31 Jan 2017 07:34:36 GMT\r\n #响应时间#
Server: Apache/2.4.6 (CentOS) PHP/5.4.16\r\n #服务器信息#
Last-Modified: Tue, 17 Jun 2014 16:00:47 GMT\r\n #上一次修改#
ETag: "4b8d-4fc0a3f32a9c0"\r\n #上一次修改标识#
Accept-Ranges: bytes\r\n #接收范围#
Content-Length: 19341\r\n #内容长度#
Keep-Alive: timeout=5, max=99\r\n #保持响应时间,以及最大值#
Connection: Keep-Alive\r\n #使用持久链接#
Content-Type: text/css\r\n #响应的内容类型#
[HTTP response 2/3] #HTTP响应#
[Time since request: 0.423110000 seconds] #响应使用时长#
[Prev request in frame: 5] #上一个请求的帧#
[Prev response in frame: 12] #上一个响应的帧#
[Request in frame: 15] #请求的帧#
[Next request in frame: 47] #下一个请求的帧#
[Next response in frame: 59] #下一个响应的帧#
File Data: 19341 bytes #文件数据大小#
Line-based text data: text/css #数据#

POST方法的数据包分析

Wireshark数据包分析之HTTP协议包解读

基本同上
Hypertext Transfer Protocol
POST /Login.aspx HTTP/1.1\r\n
[Expert Info (Chat/Sequence): POST /Login.aspx HTTP/1.1\r\n]
[POST /Login.aspx HTTP/1.1\r\n]
[Severity level: Chat]
[Group: Sequence]
Request Method: POST
Request URI: /Login.aspx
Request Version: HTTP/1.1
Host: 192.168.1.113\r\n
Connection: keep-alive\r\n
Content-Length: 232\r\n
[Content length: 232]
Cache-Control: max-age=0\r\n
Origin: http://192.168.1.113\r\n
Upgrade-Insecure-Requests: 1\r\n
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36\r\n
Content-Type: application/x-www-form-urlencoded\r\n
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/;q=0.8\r\n
Referer: http://192.168.1.113/Login.aspx\r\n
Accept-Encoding: gzip, deflate\r\n
Accept-Language: zh-CN,zh;q=0.8\r\n
Cookie: CNZZDATA155540=cnzz_eid%3D1111972901-1485847397-%26ntime%3D1485847397\r\n
Cookie pair: CNZZDATA155540=cnzz_eid%3D1111972901-1485847397-%26ntime%3D1485847397
\r\n
[Full request URI: http://192.168.1.113/Login.aspx]
[HTTP request 3/5]
[Prev request in frame: 103]
[Response in frame: 116]
[Next request in frame: 117]
File Data: 232 bytes
HTML Form URL Encoded: application/x-www-form-urlencoded
Form item: "VIEWSTATE" = "/wEPDwULLTE2NDIxODkzMTdkZJ7MzhenUUfXodvToYkVaXvn0yfdfHjuKEO48w8QcgNA"
Form item: "EVENTVALIDATION" = "/wEWBAKgrJH+CQLr/4HfAgLPyszgDQKr1YrVCg3Y+W/qSNhR3JLDwqBQ34U2Wh/M2l3/ijyDFw7qhPPT"
Form item: "UserID" = "Kemin" #这里可以看到发送的用户名
Form item: "UserPass" = "Fang" #这里可以看到发送的密码
Form item: "Log" = "Login"

Wireshark数据包分析之HTTP协议包解读

基本同上
Hypertext Transfer Protocol
HTTP/1.1 200 OK\r\n
[Expert Info (Chat/Sequence): HTTP/1.1 200 OK\r\n]
[HTTP/1.1 200 OK\r\n]
[Severity level: Chat]
[Group: Sequence]
Request Version: HTTP/1.1
Status Code: 200
Response Phrase: OK
Cache-Control: private\r\n
Content-Type: text/html; charset=utf-8\r\n
Content-Encoding: gzip\r\n
Vary: Accept-Encoding\r\n
Server: Microsoft-IIS/7.5\r\n
X-AspNet-Version: 4.0.30319\r\n
X-Powered-By: ASP.NET\r\n
Date: Tue, 31 Jan 2017 07:43:17 GMT\r\n
Content-Length: 1434\r\n
[Content length: 1434]
\r\n
[HTTP response 4/5]
[Time since request: 0.102894000 seconds]
[Prev request in frame: 114]
[Prev response in frame: 116]
[Request in frame: 117]
[Next request in frame: 133]
[Next response in frame: 176]
Content-encoded entity body (gzip): 1434 bytes -> 2563 bytes
File Data: 2563 bytes
Line-based text data: text/html

猜你喜欢

转载自blog.51cto.com/13444271/2125346
今日推荐
火速冲上 GitHub 热榜 —— 开源编程语言、框架哪有这么可爱?
北京人形机器人创新中心发布全球首个纯电驱拟人奔跑的全尺寸人形机器人“天工”
LFOSSA 源来如此公开课 | 掌握云原生未来:CNCF 认证全面攻略与备考秘籍
国产云输入法——仅华为无云端数据上传安全问题
开源日报 | 工业开源项目OGG 1.0;姐姐,你要和我一起配置火狐吗;苹果AI遥遥落后?Fedora 40
开放签电子签章:停止新增,优化体验,前进更进(五一假期前工作)
开源日报 | 中学生开源前端动画引擎;全球首个Llama3 8B中文版开源模型;联想电脑恐出局;Linus讽刺AI炒作
周排行
浏览器对同一域名进行请求的最大并发连接数
React Hook之自定义Hook
【转】MyBatis缓存机制
-Java-泛型
自动化测试常用脚本-发送邮件
LeetCode#859: Buddy Strings
java、Python处理字符串
第二篇の博客
Hadoop伪分布式环境安装
SQL Server进阶(十一)临时表、表变量
每日归档
更多
2024-04-27(56)
2024-04-26(39)
2024-04-25(22)
2024-04-24(36)
2024-04-23(26)
2024-04-22(39)
2024-04-21(0)
2024-04-20(6)
2024-04-19(5)
2024-04-18(0)

代码天地 © 2018 codetd.com

境外服务器   最新电视剧2022