Sniffing http headers with Wireshark

If you are ever in need of seeing http requests and responses, you can use this little snippet that I “borrowed” directly from this blog. You need to install WireShark first. On a mac, you can use Darwin ports, use the command sudo port install wireshark. You can also install it on most Linux distributions and there is even a Windows version available for download ;-) 

tshark -i wlan0 -f 'host 1.2.3.4' -R 'http' -S -V -l | \
awk '/^[HL]/ {p=30} /^[^ HL]/ {p=0} /^ / {--p} {if (p>0) print}'

Replace wlan0 with the network interface name you use and the ip 1.2.3.4 with the ip of the destination machine.

Posted in Computer networks |

This entry was posted on Thursday, January 15th, 2009 at 11:49 am and is filed under Computer networks. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.
«
»

Leave a reply

Name (*)
Mail (will not be published) (*)
URI
Comment