18
0
Fork 0

tcpdump: add tips for sniff all POST query

This commit is contained in:
Bruno TATU 2018-09-12 16:38:30 +02:00
parent 87025d6330
commit 5adc353ba9
1 changed files with 6 additions and 0 deletions

View File

@ -123,3 +123,9 @@ en temps réel
~~~ ~~~
# tcpdump -n -ttt -e -i pflog # tcpdump -n -ttt -e -i pflog
~~~ ~~~
* Récuper toutes les trâmes de type POST sur le port 80
~~~
# tcpdump -vv -s 0 -A 'tcp dst port 80 and tcp[((tcp[12:1] & 0xf0) >> 2):4] = 0x47455420 or tcp[((tcp[12:1] & 0xf0) >> 2):4] = 0x504F5354 or tcp[((tcp[12:1] & 0xf0) >> 2):4] = 0x48545450 or tcp[((tcp[12:1] & 0xf0) >> 2):4] = 0x3C21444F' -w /home/user/capture.pcap
~~~