Difference between revisions of "Packet sniffer"

From LemonWiki共筆
Jump to navigation Jump to search
m
 
Line 1: Line 1:
== case: try to find mp4 file ==
 
keyword filter at URL Snooper v.2.30.01
 
* full request URI: ex: {{kbd | key=<nowiki>http://www.example.com/folder/file.mp4</nowiki>}} ok
 
* partial URI path: ex: {{kbd | key=/folder/file.mp4}}, {{kbd | key=file.mp4}}, {{kbd | key=mp4}} ok
 
* wildcat: ex: {{kbd | key=*.mp4}} not work {{exclaim}}
 
 
Filter at Wireshark 1.6.5
 
* full request URI: ex: {{kbd | key=ip.dst == 127.0.0.1 and http.request.uri matches "upload2/letsgo.mp4" }} (where the domain www.example.com was mapping to IP: 127.0.0.1) ok
 
* partial URI path:
 
** ex: {{kbd | key=http.request.uri matches "/folder/file.mp4"}}, {{kbd | key=http.request.uri matches "file.mp4"}}, {{kbd | key=http.request.uri matches "mp4"}} ok
 
** ex: {{kbd | key=tcp and ip.src== 127.0.0.1 }}
 
* wildcat: ex: {{kbd | key=http.request.uri matches "*.mp4" }} not work {{exclaim}}
 
  
== software list ==
+
== Software list ==
 
[http://www.donationcoder.com/Software/Mouser/urlsnooper/ URL Snooper] v.2.30.01
 
[http://www.donationcoder.com/Software/Mouser/urlsnooper/ URL Snooper] v.2.30.01
 
* live sniffer: ok
 
* live sniffer: ok
Line 24: Line 12:
 
* time stamp: ok
 
* time stamp: ok
 
* license: GNU General Public License version 2<ref>[https://www.wireshark.org/faq.html#_how_much_does_wireshark_cost How much does Wireshark cost?]</ref>
 
* license: GNU General Public License version 2<ref>[https://www.wireshark.org/faq.html#_how_much_does_wireshark_cost How much does Wireshark cost?]</ref>
 +
 +
== Case: try to find mp4 file ==
 +
keyword filter at URL Snooper v.2.30.01
 +
* full request URI: ex: {{kbd | key=<nowiki>http://www.example.com/folder/file.mp4</nowiki>}} ok
 +
* partial URI path: ex: {{kbd | key=/folder/file.mp4}}, {{kbd | key=file.mp4}}, {{kbd | key=mp4}} ok
 +
* wildcat: ex: {{kbd | key=*.mp4}} not work {{exclaim}}
 +
 +
Filter at Wireshark 1.6.5
 +
* full request URI: ex: {{kbd | key=ip.dst == 127.0.0.1 and http.request.uri matches "upload2/letsgo.mp4" }} (where the domain www.example.com was mapping to IP: 127.0.0.1) ok
 +
* partial URI path:
 +
** ex: {{kbd | key=http.request.uri matches "/folder/file.mp4"}}, {{kbd | key=http.request.uri matches "file.mp4"}}, {{kbd | key=http.request.uri matches "mp4"}} ok
 +
** ex: {{kbd | key=tcp and ip.src== 127.0.0.1 }}
 +
* wildcat: ex: {{kbd | key=http.request.uri matches "*.mp4" }} not work {{exclaim}}
  
  
== reference ==
+
== Reference ==
 
<references />
 
<references />
  

Latest revision as of 16:20, 22 June 2020

Software list[edit]

URL Snooper v.2.30.01

  • live sniffer: ok
  • save as file: n/a
  • time stamp: n/a
  • license: free for perosnal usage

Wireshark 1.6.8

  • live sniffer: ok
  • save as file: ok
  • time stamp: ok
  • license: GNU General Public License version 2[1]

Case: try to find mp4 file[edit]

keyword filter at URL Snooper v.2.30.01

  • full request URI: ex: http://www.example.com/folder/file.mp4 ok
  • partial URI path: ex: /folder/file.mp4, file.mp4, mp4 ok
  • wildcat: ex: *.mp4 not work Icon exclaim.gif

Filter at Wireshark 1.6.5

  • full request URI: ex: ip.dst == 127.0.0.1 and http.request.uri matches "upload2/letsgo.mp4" (where the domain www.example.com was mapping to IP: 127.0.0.1) ok
  • partial URI path:
    • ex: http.request.uri matches "/folder/file.mp4", http.request.uri matches "file.mp4", http.request.uri matches "mp4" ok
    • ex: tcp and ip.src== 127.0.0.1
  • wildcat: ex: http.request.uri matches "*.mp4" not work Icon exclaim.gif


Reference[edit]

resources