ios 如何配置 Wireshark 以查看 HTTPS 流量?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/7166044/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How can I configure Wireshark to see HTTPS traffic?
提问by SundayMonday
I'm testing an iOS application and I just want to see when HTTPS traffic is sent. I'm not interested in the contents of the traffic. How can I configure Wiresharkto do this?
我正在测试一个 iOS 应用程序,我只想查看 HTTPS 流量何时发送。我对交通的内容不感兴趣。 如何配置Wireshark来执行此操作?
This is just to verify that an analytics package is working. I don't have any control over the servers that my app is talking to.
这只是为了验证分析包是否正常工作。我对我的应用程序正在与之通信的服务器没有任何控制权。
Thanks!
谢谢!
Edit #1: My current Wireshark configuration can see traffic to http://www.duckduckgo.combut not https://www.duckduckgo.com
编辑 #1:我当前的 Wireshark 配置可以看到http://www.duckduckgo.com 的流量,但不能看到https://www.duckduckgo.com
采纳答案by Jano
An alternative is using your Mac as a Wi-Fi access point and sniffing the traffic with TCPDump. Here are the steps:
另一种方法是将您的 Mac 用作 Wi-Fi 接入点并使用 TCPDump 嗅探流量。以下是步骤:
- Connect your Mac to your router using an Ethernet cable (the Wi-Fi card will be busy working as access point). Or skip this step if you only want to sniff traffic from the app to your own computer.
- In the Wi-Fi icon of your toolbar, click
Create Network. Give it a random name, select security, and set a password. - In
System Preferences > SharingsetTo computers using: Wi-Fi. InWi-Fi Options...choose the network you created before. InShare your connection from:, choose the interface you are getting Internet from, usually Ethernet. - Enable
Internet Sharing, and connect to this new Wi-Fi network from your iPhone. - Disconnect 3G on your iPhone from
Settings > General > Networkand check your Internet with Safari. Sometimes it takes a few seconds. - In your Mac type
sudo tcpdump -s 0 -A -i en1 port 443 > log.txt. Useifconfigif you have a network interface other than en1. The log generated can also be imported by WireShark (which is a GUI version of tcpdump). - Now all Internet traffic from your iPhone will be recorded.
- 使用以太网电缆将您的 Mac 连接到路由器(Wi-Fi 卡将忙于用作接入点)。或者,如果您只想嗅探从应用程序到您自己的计算机的流量,请跳过此步骤。
- 在工具栏的 Wi-Fi 图标中,单击
Create Network。给它一个随机名称,选择安全,并设置一个密码。 - 在
System Preferences > Sharing集合中To computers using: Wi-Fi。在Wi-Fi Options...选择您之前创建的网络。在 中Share your connection from:,选择您从中获取 Internet 的接口,通常是以太网。 - 启用
Internet Sharing,然后从您的 iPhone 连接到这个新的 Wi-Fi 网络。 - 断开 iPhone 上的 3G 连接
Settings > General > Network并使用 Safari 检查您的 Internet。有时需要几秒钟。 - 在您的 Mac 中输入
sudo tcpdump -s 0 -A -i en1 port 443 > log.txt.ifconfig如果您有 en1 以外的网络接口,请使用。生成的日志也可以通过 WireShark(它是 tcpdump 的 GUI 版本)导入。 - 现在,您 iPhone 上的所有互联网流量都将被记录下来。
TCPDump is included with all versions of OS X. For other options, see Technical Q&A QA1176 Getting a Packet Trace.
TCPDump 包含在所有版本的 OS X 中。有关其他选项,请参阅技术问答 QA1176 获取数据包跟踪。
回答by M N Islam Shihan
Set following as a filter after you've started capturing the appropriate network interface:
开始捕获适当的网络接口后,将以下设置为过滤器:
tcp.port == 443 || tcp.port == 80
This will ensure display of data for only http & https connections that you can further inspect.
这将确保仅显示您可以进一步检查的 http 和 https 连接的数据。
回答by nfechner
If you want to decrypt the SSL traffic in order to listen in on it, have a look at the Wireshark Wiki. The explanation is a bit longer, but enables you to decrypt SSL traffic.
如果您想解密 SSL 流量以监听它,请查看Wireshark Wiki。解释有点长,但使您能够解密 SSL 流量。
You also might want to listen on port 443 instead of 80.. :-)
您可能还想侦听端口 443 而不是 80 .. :-)
回答by Andy Finkenstadt
Yes. Wireshark can watch any and all ethernet traffic made available to it. The issue to solve is whether the machine running Wireshark will see all of the ethernet traffic you are interested in detecting the presence of.
是的。Wireshark 可以监视所有可用的以太网流量。要解决的问题是运行 Wireshark 的机器是否会看到您有兴趣检测存在的所有以太网流量。
