Get full HTTP request description via TShark
문제
I need to get full description of the HTTP requests with TShark sniffer. I mean something like Wireshark's GUI where you can get:
- raw request data (zipped/unzipped);
- pretty printed extracted HTTP fields: (Host, Accepted-Encoding, Cookies, etc).
For now I'm able to dissect HTTP with:
tshark -i eth0 -f 'dst host xxx.xxx.xxx.xxx' -d tcp.port=80,http
it prints something like this:
139389.228821 x.x.x.x -> y.y.y.y HTTP GET /test.html HTTP/1.1
or I can print cookie (or all cookies?) for example with:
tshark -i eth0 -f 'dst host xxx.xxx.xxx.xxx' -T fields -e http.cookie
But I want complete HTTP request description with raw data. Is it possible?
해결책
Note: See comments for accepted answer.
Curl might be able to do this for you. when you post your data via curl, use the -v
and -i
options. You can also use -b
and -c
to read/write cookie info to a file so you can look at it.
This may not be exactly what you want as it sounds like you already have a program thats doing the posting but if you can re-create the post and send with curl, you'll see all of the raw data (when using the right options).
Curl docs are here
다른 팁
If it is only to monitor traffic from your own computer, try Fiddler
Or use Firefox's Firebug, and/or Live HTTP Headers, and/or the Web Developer Toolbar