Sharing a tool for capturing HTTP traffic on servers, more convenient than tcpdump+wireshark

2017-02-26 10:58:23 +08:00
 kingddc314

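I often need to capture HTTP packets on a server to see what an API is doing. Analysing them with tcpdump plus wireshark felt like a lot of hassle, so I wrote a capture tool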

Github: https://github.com/six-ddc/httpflow

Here is what it looks like; feedback is welcome:

7318 views
Node: Share & Create
25 replies
lxrmido
2017-02-26 11:06:41 +08:00
Starred ……
TangMonk
2017-02-26 11:23:40 +08:00
Nice!
MinonHeart
2017-02-26 12:46:55 +08:00
How is this different from curl?
It looks like it's just curl
Muninn
2017-02-26 13:03:45 +08:00
@MinonHeart Worlds apart
KCheshireCat
2017-02-26 13:14:37 +08:00
In terms of what it actually does, shouldn't it be compared with tools like Fiddler, even though Fiddler is a Windows tool?
kindjeff
2017-02-26 13:16:55 +08:00
@KCheshireCat Fiddler has a mono-based Linux version; it just lags occasionally.
ctsed
2017-02-26 13:18:28 +08:00
Is there a save feature? It would be more convenient to view the output in tools like Fiddler or Chrome
webjin1
2017-02-26 13:23:22 +08:00
What about protocol analysis?
kingddc314
2017-02-26 13:53:04 +08:00
@ctsed Yes, it can save: http_dump -w ./out , which saves into one folder per Host
slixurd
2017-02-26 14:08:03 +08:00
Maybe this is the effect the OP is after?
➜ ~ curl -D - v2ex.com
HTTP/1.1 301 Moved Permanently
Server: nginx/1.11.6
Date: Sun, 26 Feb 2017 06:02:14 GMT
Content-Type: text/html
Content-Length: 185
Connection: keep-alive
Location: https://v2ex.com/
X-ORCA-Accelerator: from 093.chn.fuo01.cn.krill.c3edge.net

<html>
<head><title>301 Moved Permanently</title></head>
<body bgcolor="white">
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx/1.11.6</center>
</body>
</html>
➜ ~ curl -iv --raw https://v2ex.com
* Rebuilt URL to: https://v2ex.com/
* Trying 14.152.44.135...
* TCP_NODELAY set
* Connected to v2ex.com (14.152.44.135) port 443 (#0)
* TLS 1.2 connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
* Server certificate: *.v2ex.com
* Server certificate: TrustAsia DV SSL CA - G5
* Server certificate: VeriSign Class 3 Public Primary Certification Authority - G5
> GET / HTTP/1.1
> Host: v2ex.com
> User-Agent: curl/7.51.0
> Accept: */*
>
< HTTP/1.1 301 Moved Permanently
HTTP/1.1 301 Moved Permanently
< Server: nginx/1.11.6
Server: nginx/1.11.6
< Date: Sun, 26 Feb 2017 06:02:40 GMT
Date: Sun, 26 Feb 2017 06:02:40 GMT
< Content-Type: text/html
Content-Type: text/html
< Content-Length: 185
Content-Length: 185
< Connection: keep-alive
Connection: keep-alive
< Location: https://www.v2ex.com/
Location: https://www.v2ex.com/
< Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
< X-ORCA-Accelerator: from 093.chn.fuo01.cn.krill.c3edge.net
X-ORCA-Accelerator: from 093.chn.fuo01.cn.krill.c3edge.net

<
<html>
<head><title>301 Moved Permanently</title></head>
<body bgcolor="white">
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx/1.11.6</center>
</body>
</html>
* Curl_http_done: called premature == 0
* Connection #0 to host v2ex.com left intact
unsec
2017-02-26 14:30:59 +08:00
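@slixurd @MinonHeart You didn't understand what this thing is...

The OP is only using cURL as the HTTP client to demo his tool. In a real environment the HTTP requests could come from other clients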
tony1016
2017-02-26 15:03:17 +08:00
You could take a look at bettercap
linhua
2017-02-26 15:47:43 +08:00
tcpdump and wireshark work together very conveniently
ssh root@HOST tcpdump -U -s0 -w - 'not port 22' | "D:\Program Files\Wireshark\Wireshark.exe" -k -i -

http://www.commandlinefu.com/commands/view/4373/analyze-traffic-remotely-over-ssh-w-wireshark
Lax
2017-02-26 16:58:42 +08:00
How is the support for compress and https?
kingddc314
2017-02-26 17:23:25 +08:00
@Lax gzip is supported, https is not. With this kind of capture that doesn't go through a proxy, there seems to be no solution for https
TangMonk
2017-02-27 09:19:57 +08:00
What's a good way to handle binary files..

kingddc314
2017-02-27 11:21:10 +08:00
@TangMonk
Run in the terminal:
> chmod +x ./httpflow-Darwin-x86_64
> ./httpflow-Darwin-x86_64
TangMonk
2017-02-27 11:28:24 +08:00
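@kingddc314 Right, that one is already compiled. The question is whether the display could be improved when the captured traffic is a binary file... for example, showing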

[/assets/image.png] 'binary'
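
Added example, not part of the thread and not httpflow's own code: how a passive capture tool can render one reassembled HTTP message, covering the gzip decoding, the binary-body placeholder and the HTTPS limitation raised in the replies above. The function names, the list of text content types and the sample bytes are constructed for illustration.

```python
import gzip
import zlib

TEXT_TYPES = ("text/", "application/json", "application/xml",
              "application/x-www-form-urlencoded")

def render_message(raw: bytes):
    """Return (start_line, headers, printable_body) for one captured message."""
    if raw[:2] == b"\x16\x03":  # TLS handshake record: nothing readable inside
        return "", {}, f"[TLS record, {len(raw)} bytes, payload encrypted]"
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("incomplete header block (capture truncated?)")
    lines = head.decode("iso-8859-1").split("\r\n")
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    length = headers.get("content-length", "")
    if length.isdigit():  # drop bytes that belong to a following message
        body = body[:int(length)]
    if headers.get("content-encoding", "").lower() == "gzip":
        try:
            body = gzip.decompress(body)
        except (OSError, EOFError, zlib.error):  # lost packets, bad stream
            return lines[0], headers, f"[undecodable gzip body, {len(body)} bytes]"
    ctype = headers.get("content-type", "application/octet-stream")
    ctype = ctype.split(";")[0].strip().lower()
    if not ctype.startswith(TEXT_TYPES):  # summarise instead of dumping bytes
        return lines[0], headers, f"[binary {ctype}, {len(body)} bytes]"
    return lines[0], headers, body.decode("utf-8", errors="replace")

def build_response(content_type: str, body: bytes, gzipped: bool = False) -> bytes:
    """Constructed sample input: the bytes of one response in a TCP stream."""
    payload = gzip.compress(body) if gzipped else body
    head = [b"HTTP/1.1 200 OK", b"Content-Type: " + content_type.encode()]
    if gzipped:
        head.append(b"Content-Encoding: gzip")
    head.append(b"Content-Length: " + str(len(payload)).encode())
    return b"\r\n".join(head) + b"\r\n\r\n" + payload

if __name__ == "__main__":
    samples = [
        build_response("application/json", b'{"ok": true}', gzipped=True),
        build_response("image/png", b"\x89PNG\r\n\x1a\n" + bytes(64)),
        b"\x16\x03\x01\x00\x05hello",  # constructed TLS-looking bytes
    ]
    for raw in samples:
        print(render_message(raw))
```
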
anyforever
2017-02-27 14:59:17 +08:00
I'd like to ask the OP: how did you get input typed in the right pane to produce a response in the left pane?
anyforever
2017-02-27 15:00:26 +08:00
Also, is this what you're looking for? https://github.com/jkbrzt/httpie
