Win7 remote packet capture script

Since I started working, my day-to-day code has run on Linux servers. Recently I ran into a lot of HTTPS connection problems; even after going over every HTTPS detail with the counterpart organisation, there was always some information asymmetry, so capturing the HTTPS traffic is the most effective approach: the handshake is right there in the capture, which makes the problem much easier to explain. My work machine runs Win7, so the only option is to capture remotely with a tool, which in turn needs a capture agent installed on the Linux server. rpcapd is the best choice for that: it lets Win7 capture easily with Wireshark. Straight to the automation script:


#!/bin/bash
# Build rpcapd from the WinPcap 4.1.2 source tree and run it as a capture
# proxy that a Wireshark client on Windows connects to remotely.

install(){
    echo "-------------------start install-----------------------"
    yum install -y glibc-static
    wget http://www.winpcap.org/install/bin/WpcapSrc_4_1_2.zip
    unzip WpcapSrc_4_1_2.zip
    cd winpcap/wpcap/libpcap || exit 1
    chmod +x configure runlex.sh
    # CFLAGS has to be passed on the configure command line (or exported);
    # a plain shell assignment is not visible to ./configure.
    CFLAGS=-static ./configure
    make
    cd rpcapd/ || exit 1
    make
    echo "-------------------install success-----------------------"
}

start(){
    echo "start rpcapd"
    # -4 IPv4 only, -n no authentication, -p port to listen on.
    # With -n any client that can reach the port may capture traffic,
    # so keep port 8888 firewalled to the Windows workstation's address.
    nohup ./winpcap/wpcap/libpcap/rpcapd/rpcapd -4 -n -p 8888 > /dev/null 2>&1 &
    echo "start finish"
}

stop(){
    echo ".....stopping......."
    # -r: do nothing when no rpcapd process is found
    ps -ef | grep 'rpcapd' | grep -v grep | awk '{print $2}' | xargs -r sudo kill -9
    echo ".....stopped......"
}

usage(){
    echo "****************************************************"
    echo "* wireshark win client  usage "
    echo "****************************************************"
    echo "install : bash wiresharkClient.sh install"
    echo "start : bash wiresharkClient.sh start"
    echo "stop : bash wiresharkClient.sh stop"
    echo "usage : bash wiresharkClient.sh usage"
}

# "$1" must be quoted: unquoted it makes the test fail when no argument is given.
if [ "$1" == "install" ];then
    install
elif [ "$1" == "start" ];then
    start
elif [ "$1" == "stop" ];then
    stop
else
    usage
fi
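
Because the script starts rpcapd with -n, anyone who can reach the port can open a capture session. The following check, added here as an example and not part of the original post, walks a process list and flags rpcapd instances that run unauthenticated without being bound to a specific address. It assumes rpcapd's -n (no authentication) and -b <address> (bind to one address instead of all IPv4 addresses) options; the process lines are constructed sample data, not output from the author's server.

```shell
#!/bin/bash
# Constructed sample of `ps -eo pid,args` output (not captured from a real host).
SAMPLE_PS='1234 ./winpcap/wpcap/libpcap/rpcapd/rpcapd -4 -n -p 8888
2345 /usr/local/sbin/rpcapd -4 -p 8888 -b 10.0.0.5 -n
3456 /usr/bin/sshd -D'

# rpcapd_risk <command line>: classify one rpcapd command line.
#   NOAUTH_ANY   - -n without -b: unauthenticated and listening on every IPv4 address
#   NOAUTH_BOUND - -n with -b: unauthenticated but bound to one address
#   AUTH         - no -n: clients must authenticate
rpcapd_risk() {
    local args=" $1 "
    case "$args" in
        *" -n "*)
            case "$args" in
                *" -b "*) echo NOAUTH_BOUND ;;
                *) echo NOAUTH_ANY ;;
            esac ;;
        *) echo AUTH ;;
    esac
}

# audit_rpcapd <ps output>: print "<pid> <risk>" for every rpcapd process,
# skipping processes that are not rpcapd.
audit_rpcapd() {
    printf '%s\n' "$1" | while read -r pid args; do
        case "$args" in
            *rpcapd*) echo "$pid $(rpcapd_risk "$args")" ;;
        esac
    done
}

# Run against the constructed sample; on a real host use: audit_rpcapd "$(ps -eo pid,args)"
audit_rpcapd "$SAMPLE_PS"
```

A NOAUTH_ANY result is the configuration the script above produces; it is acceptable only while a host firewall limits the port to the capturing workstation, and the listener should be stopped once the capture is done.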


posted @ 2016-10-02 17:31  lunasxk