Win7 remote packet capture script
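Since I started working, the code I deal with day to day runs on Linux servers. Recently I ran into many HTTPS connection problems. Although I discussed the various HTTPS details with the institution, information asymmetry kept coming up, so capturing the HTTPS traffic is the most effective approach: the handshake flow is right there, which makes it much easier to explain the problem. I use Windows 7 at work, so I have to capture remotely with a tool, which also requires installing a capture agent on the Linux server. rpcapd is one of the best choices and lets Wireshark on Win7 capture packets easily. Here is the automation script: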
```bash
#!/bin/bash

# Build a statically linked rpcapd from the WinPcap 4.1.2 sources.
install(){
    echo "-------------------start install-----------------------"
    yum install glibc-static
    wget http://www.winpcap.org/install/bin/WpcapSrc_4_1_2.zip
    unzip WpcapSrc_4_1_2.zip
    cd winpcap/wpcap/libpcap || return 1
    chmod +x configure runlex.sh
    CFLAGS=-static ./configure
    make || return 1
    cd rpcapd/ || return 1
    make || return 1
    echo "-------------------install success-----------------------"
}

# Start rpcapd in the background (path is relative to the directory used for install).
start(){
    echo "start rpcapd"
    # -4 use IPv4 only
    # -p set the port to listen on
    # -n do not require authentication (NULL authentication)
    nohup ./winpcap/wpcap/libpcap/rpcapd/rpcapd -4 -n -p 8888 > /dev/null 2>&1 &
    echo "start finish"
}

# Kill every running rpcapd process; -r keeps xargs from running kill with no PID.
stop(){
    echo ".....stopping......."
    ps -ef | grep 'rpcapd' | grep -v grep | awk '{print $2}' | xargs -r sudo kill -9
    echo ".....stopped......"
}

usage(){
    echo "****************************************************"
    echo "* wireshark win client usage "
    echo "****************************************************"
    echo "install : bash wiresharkClient.sh install"
    echo "start : bash wiresharkClient.sh start"
    echo "stop : bash wiresharkClient.sh stop"
    echo "usage : bash wiresharkClient.sh usage"
}

# "$1" is quoted so that running the script without arguments prints the usage text.
if [ "install" == "$1" ]; then
    install
elif [ "start" == "$1" ]; then
    start
elif [ "stop" == "$1" ]; then
    stop
else
    usage
fi
```
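The `start` function runs rpcapd with `-n` (NULL authentication) on every local address, so any host that can reach port 8888 can open a capture. The following is an added example, not part of the original script: it audits an rpcapd argument list for that combination and builds a restricted one using rpcapd's own `-b` (bind address) and `-l` (allowed-hosts file) options. The function names, the addresses and the allowlist path are assumptions made for illustration.

```bash
#!/bin/bash
# Added example, not from the original post. Addresses, port and the
# allowlist path are assumed values.

# Print one finding per line for the given rpcapd arguments.
audit_rpcapd_args() {
    local null_auth=0 allowlist=0 bind=0 arg
    for arg in "$@"; do
        case "$arg" in
            -n) null_auth=1 ;;   # NULL authentication permitted
            -l) allowlist=1 ;;   # allowed-hosts file supplied
            -b) bind=1 ;;        # explicit bind address supplied
        esac
    done
    if [ "$null_auth" -eq 1 ] && [ "$allowlist" -eq 0 ]; then
        echo "null-auth-without-allowlist"
    fi
    if [ "$bind" -eq 0 ]; then
        echo "listens-on-all-addresses"
    fi
    return 0
}

# Usage: restricted_rpcapd_args BIND_ADDR PORT HOSTLIST_FILE ALLOWED_HOST...
# Writes the allowed hosts (one per line) and prints the rpcapd arguments.
restricted_rpcapd_args() {
    if [ "$#" -lt 4 ]; then
        echo "need bind address, port, hostlist file and at least one host" >&2
        return 1
    fi
    local bind_addr="$1" port="$2" hostlist="$3"
    shift 3
    printf '%s\n' "$@" > "$hostlist" || return 1
    chmod 600 "$hostlist"
    echo "-4 -n -b $bind_addr -p $port -l $hostlist"
}

# Constructed demo values: 192.0.2.10 = capture server, 192.0.2.50 = workstation.
demo_list=$(mktemp)
echo "original  : $(audit_rpcapd_args -4 -n -p 8888 | tr '\n' ' ')"
new_args=$(restricted_rpcapd_args 192.0.2.10 8888 "$demo_list" 192.0.2.50)
echo "restricted: rpcapd $new_args"
echo "findings  : $(audit_rpcapd_args $new_args | tr '\n' ' ')"
rm -f "$demo_list"
```

Wireshark on the workstation connects to the bind address and port as before; rpcapd refuses connections from hosts that are not in the allowlist file.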