
How to capture packets with Wireshark: a detailed illustrated Wireshark packet-capture tutorial

Source: 小坦克  Time: 2013/5/2 17:10:06

Author: 小坦克  Tags: wireshark


wiresharkÊǷdz£Á÷ÐеÄÍøÂç·â°ü·ÖÎöÈí¼þ£¬¹¦ÄÜÊ®·ÖÇ¿´ó¡£¿ÉÒÔ½ØÈ¡¸÷ÖÖÍøÂç·â°ü£¬ÏÔʾÍøÂç·â°üµÄÏêϸÐÅÏ¢¡£Ê¹ÓÃwiresharkµÄÈ˱ØÐëÁ˽âÍøÂçЭÒ飬·ñÔò¾Í¿´²»¶®wiresharkÁË¡£
ΪÁË°²È«¿¼ÂÇ£¬wiresharkÖ»Äܲ鿴·â°ü£¬¶ø²»ÄÜÐ޸ķâ°üµÄÄÚÈÝ£¬»òÕß·¢ËÍ·â°ü¡£

wiresharkÄÜ»ñÈ¡HTTP£¬Ò²ÄÜ»ñÈ¡HTTPS£¬µ«ÊDz»ÄܽâÃÜHTTPS£¬ËùÒÔwireshark¿´²»¶®HTTPSÖеÄÄÚÈÝ£¬×ܽᣬÈç¹ûÊÇ´¦ÀíHTTP,HTTPS »¹ÊÇÓÃFiddler, ÆäËûЭÒé±ÈÈçTCP,UDP ¾ÍÓÃwireshark.


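Starting a capture in Wireshark

Start screen

Wireshark captures the network packets of one particular network interface on the machine. When your machine has several network interfaces, you need to choose one.

Click Capture -> Interfaces... The dialog below appears; select the correct interface, then click the "Start" button to begin capturing.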

Introduction to the Wireshark window

Wireshark is mainly divided into these areas:

1. Display Filter: used for filtering.

2. Packet List Pane: shows the captured packets, with source address, destination address and port number. Different colors represent

3. Packet Details Pane: shows the fields inside a packet.

4. Dissector Pane: hexadecimal data.

5. Miscellaneous: address bar and other items.

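Using filters is very important. A beginner using Wireshark gets a large amount of redundant information, thousands or even tens of thousands of records, so it is very hard to find the part that matters, and it quickly becomes bewildering.

Filters help us find the information we need quickly within a large amount of data.

There are two kinds of filter.

One is the display filter, the one on the main screen, which is used to find the records you need among the records already captured.

The other is the capture filter, which filters the packets as they are captured so that too many records are not captured in the first place. It is set under Capture -> Capture Filters.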

Saving a filter

In the Filter bar, type the filter expression, click the Save button and give it a name, for example "Filter 102".

A "Filter 102" button then appears on the Filter bar.

¹ýÂ˱í´ïʽµÄ¹æÔò

±í´ïʽ¹æÔò

 1. ЭÒé¹ýÂË

±ÈÈçTCP£¬Ö»ÏÔʾTCPЭÒé¡£

2. IP ¹ýÂË

±ÈÈç ip.src ==192.168.1.102 ÏÔʾԴµØַΪ192.168.1.102£¬

ip.dst==192.168.1.102, Ä¿±êµØַΪ192.168.1.102

3. ¶Ë¿Ú¹ýÂË

tcp.port ==80,  ¶Ë¿ÚΪ80µÄ

tcp.srcport == 80,  Ö»ÏÔʾTCPЭÒéµÄÔ¸¶Ë¿ÚΪ80µÄ¡£

4. Httpģʽ¹ýÂË

http.request.method=="GET",   Ö»ÏÔʾHTTP GET·½·¨µÄ¡£

5. Âß¼­ÔËËã·ûΪ AND/ OR

Commonly used filter expressions

Filter expression | Purpose
http | View only HTTP records
ip.src == 192.168.1.102 or ip.dst == 192.168.1.102 | Source address or destination address is 192.168.1.102

Packet List Pane

The Packet List Pane shows the number, timestamp, source address, destination address, protocol, length and packet info. You can see that different protocols are displayed in different colors.

You can also change these coloring rules under View -> Coloring Rules.

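Packet Details Pane

This is the most important pane; it is used to inspect every field of a protocol.

The lines are, in order:

Frame: overview of the data frame at the physical layer

Ethernet II: Ethernet frame header information at the data link layer

Internet Protocol Version 4: IP packet header information at the internet layer

Transmission Control Protocol: segment header information at the transport layer, in this case TCP

Hypertext Transfer Protocol: application-layer information, in this case HTTP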

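The contents of a TCP packet

The figure below shows every field of a TCP packet captured by Wireshark.

At this point you have a basic understanding of Wireshark. Now let us look at a real example of the TCP three-way handshake.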

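The three-way handshake proceeds as follows

I have looked at this diagram many times; this time we use Wireshark to analyze the three-way handshake in practice.

Open Wireshark, then open a browser and enter http://www.cr173.com

In Wireshark, enter http as the filter, select the record GET /tankxiao HTTP/1.1, right-click it and click "Follow TCP Stream".

The purpose of this is to obtain the packets related to the browser opening the site. The result is shown in the figure below.

In the figure you can see that Wireshark captured the three packets of the three-way handshake. Only the fourth packet is HTTP, which shows that HTTP does use TCP to establish the connection.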

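First handshake packet

The client sends a TCP packet with the SYN flag set and sequence number 0, meaning the client requests a connection. See the figure below.

Second handshake packet

The server sends back an acknowledgement packet with the flags SYN,ACK. It sets the Acknowledgement Number to the client's ISN plus 1, that is 0+1=1. See the figure below.

Third handshake packet

The client sends another acknowledgement packet (ACK), with the SYN flag set to 0 and the ACK flag set to 1. It takes the sequence number field of the packet the server sent, adds 1, places the result in the acknowledgement field and sends it to the other side, and it writes ISN+1 into the segment. See the figure below.

With that, the TCP three-way handshake is complete and the connection is established.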
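
An added example (not from the original article): the handshake checks described above, applied in Python to three constructed TCP headers. It shows that the 0 and 1 seen in Wireshark are sequence numbers relative to each side's real 32-bit ISN; the ports, ISN values and function names are assumptions made for the illustration.

```python
import struct

SYN, ACK = 0x02, 0x10   # flag bits in the TCP header
MOD = 1 << 32           # sequence numbers are 32-bit and wrap around

def build_tcp_header(sport, dport, seq, ack, flags):
    """Pack a minimal 20-byte TCP header (constructed sample; checksum left at 0)."""
    return struct.pack("!HHIIHHHH", sport, dport, seq, ack, (5 << 12) | flags, 65535, 0, 0)

def parse_tcp_header(raw):
    """Extract the fields the Packet Details Pane shows for the handshake."""
    sport, dport, seq, ack, off_flags = struct.unpack("!HHIIH", raw[:14])
    return {"sport": sport, "dport": dport, "seq": seq, "ack": ack, "flags": off_flags & 0x1FF}

def check_handshake(raw_segments):
    """Validate SYN -> SYN,ACK -> ACK; return relative (seq, ack) per segment."""
    syn, synack, ack = (parse_tcp_header(r) for r in raw_segments)
    wanted = [(syn, SYN), (synack, SYN | ACK), (ack, ACK)]
    for i, (seg, flags) in enumerate(wanted, 1):
        if seg["flags"] & (SYN | ACK) != flags:
            raise ValueError(f"segment {i} has unexpected SYN/ACK flags")
    c_isn, s_isn = syn["seq"], synack["seq"]
    if synack["ack"] != (c_isn + 1) % MOD:
        raise ValueError("SYN,ACK must acknowledge client ISN + 1")
    if ack["seq"] != (c_isn + 1) % MOD or ack["ack"] != (s_isn + 1) % MOD:
        raise ValueError("final ACK must carry client ISN + 1 and server ISN + 1")
    return [
        (0, 0),  # SYN: relative seq 0, acknowledgement field not in use
        ((synack["seq"] - s_isn) % MOD, (synack["ack"] - c_isn) % MOD),
        ((ack["seq"] - c_isn) % MOD, (ack["ack"] - s_isn) % MOD),
    ]

# Constructed sample: client ISN at the 32-bit maximum to exercise wraparound.
CLIENT_ISN, SERVER_ISN = 0xFFFFFFFF, 1_000_000
SAMPLE = [
    build_tcp_header(50000, 80, CLIENT_ISN, 0, SYN),
    build_tcp_header(80, 50000, SERVER_ISN, (CLIENT_ISN + 1) % MOD, SYN | ACK),
    build_tcp_header(50000, 80, (CLIENT_ISN + 1) % MOD, SERVER_ISN + 1, ACK),
]

if __name__ == "__main__":
    for name, (seq, ack) in zip(("SYN", "SYN,ACK", "ACK"), check_handshake(SAMPLE)):
        print(f"{name:8} relative seq={seq} ack={ack}")
```
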

Comments

Floor 16, guest, posted 2016/5/6 7:15:25
Really good, bump

Floor 15, guest, posted 2015/11/9 11:18:58
Very nice

Floor 14, guest, posted 2015/11/3 16:51:28
Thumbs up!!!

Floor 13, guest, posted 2015/8/11 19:58:24
Like

Floor 12, guest, posted 2015/8/10 19:54:08
O(∩_∩)O Thanks

Floor 11, guest, posted 2015/5/26 10:07:15
Very nice, I hope there will be more documents like this

Floor 10, guest, posted 2015/4/21 22:27:57
Good stuff

Floor 9, guest, posted 2015/2/10 9:04:22
Great, very thorough

Floor 8, guest, posted 2015/1/18 10:16:39
Thumbs up

Floor 7, guest, posted 2015/1/11 12:31:26
Very good!