Wireshark 101: Hypertext Transfer Protocol, HakTip 130
ฝัง
- เผยแพร่เมื่อ 5 ก.พ. 2015
- Hak5 -- Cyber Security Education, Inspiration, News & Community since 2005:
____________________________________________
Today on HakTip, Shannon explains Hypertext Transfer Protocol and packet headers in Wireshark.
HTTP stands for Hypertext Transfer Protocol. This is another common upper layer protocol that you'll run into from time to time in Wireshark. Specifically, HTTP can be found in Layer 7 of the OSI model. HTTP allows your web browser to connect to a server and allow you to view a website. So when you go to hak5.org or youtube.com or anything in between, you're using HTTP.
Every time you view one of the packets, it's going to vary a lot depending on where on the internet you're heading. So let's take a look at a few of these HTTP packet headers so you can see some similarities.
First off you'll have a short GET request, once communication is setup between you and the websites server. The packet comes in over TCP Port 80, request method GET, Requested version HTTP/1.1. We're trying to GET the web directory of the server by using HTTP Ver. 1.1. A little lower is the User-agent info, which tells the server what kind of info my computer can accept.
After this packet, the server will send TCP acknowledgments to you, and HTTP will there on out be used for application layer commands.
Once TCP is done, HTTP will give you another packet that says "Response code 200". - This means you've had a successful request method.
When we need to upload data to a webserver, such as when you post a tweet or type to someone in an IRC, you are creating a POST packet via HTTP in Wireshark. These need a three way handshake (request - response - OK), from client to server. This packet will be labeled as a POST packet, and the Line-Based Text Data will show you the contents of the data posted. Status code 302 means FOUND, which will happen once the connection has been made.
Let me know what you think. Send me a comment below or email us at tips@hak5.org. And be sure to check out our sister show, Hak5 for more great stuff just like this. I'll be there, reminding you to trust your technolust.
~-~~-~~~-~~-~
Please watch: "Bash Bunny Primer - Hak5 2225"
• Bash Bunny Primer - Ha...
~-~~-~~~-~~-~
____________________________________________
Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community - where all hackers belong. - วิทยาศาสตร์และเทคโนโลยี
Learned more about ISO and packet structure from this Series then I did in multiple Networking classes, Thanks Shannon! For a teacher, you make one hell of a show presenter!
+DesertFernweh Thank you a ton! They say the best way to learn is to teach, so I'm learning along with you :)
Great videos, is there a video I can watch on using wireshark to identify/work with SQL injections?
SkipAD 4:54
yeah, thanks..... fecking AD junkies!!
It was different and nice to see you tested twitter posting messaging with wireshark thanks
Hi Shannon, I know this video was posted sometime ago, but I was hoping you could explain something to me. I'm trying to use WireShark on a laptop connected to my workplace's network to capture all the HTTP Traffic. On the most part I can only see the HTTP Traffic generated from my own machine (the laptop), and not from any of the other 1000 or so machines connected to the network. I have seen the odd HTTP traffic coming to/from another machine on the network, but this seems not to match up with the actual traffic being generated. I've gone through a number of your WireShark tutorials, which have been very helpful, but still can't seem to find an answer.
this was a good video (posting to get the packet)
Very Informative
Nice video.
Very educative and professional tutorial.
Am I the only person that thinks she is taking the whole screen? I mean, it would be nice if you could reduce the size of the person in the video to help seeing the content easily. But thank you for the good contents.
My Girl has a Windows machine. Love it.
cool..
BruhH (just an attempt to get the packet)
Hi
OGC
First view
а можно по русски, не чего не понятно же
Comment.
12345
comment.
Comment.
I watched more informative videos than this.And language is not known by our pc language. Its known by our web browser's language.
You are a beautiful girl and also an hack expert. What elseeeeee e e e e e e e e e e
blah