标签:form cli -o tps tom web deploy wireshark standard
在抓到的数据包里面,看到一个http get请求,右键选中,然后follow stream
wireshark自动进行数据包过滤tcp.stream eq 1340,并且可以看到完整的数据通讯
GET /Hero/zhCN/client/alert?build=zhCN&targetRegion=0&homeCountry= HTTP/1.1
User-Agent: Blizzard Web Client
Host: nydus.battle.net
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Sat, 25 Nov 2017 03:15:30 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=3600
Location: http://INVALID.launcher.battle.net/service/Hero/alert/zh-cn
Content-Length: 243
Content-Type: text/html; charset=iso-8859-1
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://INVALID.launcher.battle.net/service/Hero/alert/zh-cn">here</a>.</p>
</body></html>
在TLSv1.2的数据流中看到
crl4.digicert.com
DigiCert is the go-to provider of identity, authentication, and encryption solutions for the web and IoT devices.
We help enterprises of every size deploy PKI security that aligns with industry standards and best practices.
Our SSL tools and enterprise-grade platform simplify management, automate certificate tasks, and give organizations the power to customize workflows to best fit their needs.
可以用如下语法过滤和指定ip的ssl
ssl and ip.dst== 24.105.29.76
然后选择一个clien thello,follow tcp stream
标签:form cli -o tps tom web deploy wireshark standard
原文地址:http://www.cnblogs.com/chucklu/p/7894825.html
