0%

WireShark

Posted on 2025-11-30 In 工程 Views:
Symbols count in article: 639 Reading time ≈ 1 mins.

Display Filter 語法

任一來源或目的

ip.addr == 192.168.2.100
tcp.port == 80
ip.src == 192.168.2.100 # 僅來源
ip.dst == 192.168.2.102 # 僅目的
ip.dst == 192.168.2.102 && tcp.port == 80 # AND 條件
!(tcp.port == 443) # NOT 條件, https用443
|| tcp.port == 80 # OR 條件
ip.src == 192.168.203.148 `ip.src == 57.140.228.1
http.request.method == “GET” || http.request.method == “POST”

抓本地HTTPs 的Get/ Post

打開 PowerShell
生成資料夾與檔案 …\sslkeys\sslkeylog.txt
設環境變數
$env:SSLKEYLOGFILE=”…\sslkeys\sslkeylog.txt”
Start-Process “C:\Program Files\Mozilla Firefox\firefox.exe”
開起來的 Firefox 中訪問
https://example.com
cat sslkeylog.txt
Wireshark 中匯入sslkeylog.txt
Edit → Preferences → Protocols → TLS
找到 Pre-Master Secret log filename 欄位 → 選擇你剛剛建立的 sslkeylog.txt
確定 → 重新載入封包擷取

如果你覺得這篇文章很棒，請你不吝點讚 (ﾟ∀ﾟ)

Welcome to my other publishing channels