Linux system tips (6): Combining wireshark and strace - Code World

Linux system tips (6): Combining wireshark and strace

Others 2022-04-28 08:30:30 views: 0

Summary: Capturing packets alone or using strace to trace the execution path of a process can solve many problems. So, what about team fighting if you combine the two?

The following is unfinished, and will be supplemented in the future.

First declare that wireshark here can be replaced by tcpdump.

Wireshark and strace, for hackers, are must-haves in the toolbox. Engineers who have experience in troubleshooting and diagnosis, who has no experience in capturing and analyzing packets?

Relatively speaking, strace is less famous. After all, there are not many people who are conscious and capable of tracing the execution path of a process. And there are more than 20 common system calls.

Let's use a diagram to see the location of the system call

unix_system_block.

So, we can capture packets at both ends, track the execution path of the process at the same time, and hook the execution path and network flow behavior through time. All you need is to let strace give the timestamp

strace -f -ff -s 256 -tt -o strace.log your_program
This article is the original content of the Yunqi community and cannot be reproduced without permission. If you need to reprint, please send an email to yqeditor@ list.alibaba-inc.com; if you find any content suspected of plagiarism in this community, please send an email to: [email protected] to report and provide relevant evidence. Once verified, this community will immediately delete the suspected infringement content.

Guess you like

Origin http://43.154.161.224:23101/article/api/json?id=326202756&siteId=291194637

Linux system tips (6): Combining wireshark and strace

Use of strace command in Linux system

Linux strace

linux artifact resolve strace

Usage of strace under linux

10 Tips for sudo command in Linux system

10 Tips for sudo command in Linux system

10 Tips for sudo command in Linux system

linux's strace command monitoring system function calls (syscall) within a certain period of time or longer

[Debugging] Linux strace command | Trace process system calls and received signals | Failed to find dependent libraries

Linux, a powerful debugging tool strace

linux backdoor strace backdoor keylogger

linux system built-in command to view help tips

Distributed System Link Tracing Practice: Combining Dubbo

Linux process state analysis strace command

Linux-Debugging (objdump/strace/strings)

Linux System Programming (6): Threads

linux learning 6 Linux system components and initial

Linux|Operating system|What you should know about network packet capture (mainly wireshark, tcpdump)

Install Wireshark in Windows system (graphic)

Peering inside a computer system: an in-depth analysis of the strace tool

Linux| |Linux Tips

6 Tips for Using React

6 Tips for Using React

Deep Dive into Wireshark: A Comprehensive Guide and Advanced Filtering Tips

Use the MediaMuxer of the Android system to write a method for combining audio and video.

6 machine work on Linux System Administration

Linux system configuration IPv6

Install Linux Centos6 version of the system

6 ways to check IP address in Linux system

Recommended

Ranking

Reason Codes enhanced accounting documents

The first test case appium

Force command and dispatch emergency communication plan

Interview - What is concurrent programming

21 classic Python interview questions [recommended collection]

[Dahua Data Structure-Introduction to Data Structure ①]

Spring @ConfigurationProperties

Why do we want to broadcast live on WeChat public account? What are the advantages?

How to bring up the toolbar under the desktop of Apple laptop

Dialog: Manually enter information

Daily

More

2024-05-21(35)

2024-05-20(5)

2024-05-19(0)

2024-05-18(31)

2024-05-17(6)

2024-05-16(23)

2024-05-15(5)

2024-05-14(9)

2024-05-13(8)

2024-05-12(28)