当前位置:网站首页>Technology sharing | packet capturing analysis TCP protocol
Technology sharing | packet capturing analysis TCP protocol
2022-07-07 11:24:00 【The elegance of testing】
TCP The protocol is in the transport layer , A connection oriented 、 reliable 、 Transport layer communication protocol based on byte stream .
Environmental preparation
Classify interface testing tools , It can be classified as follows :
Network sniffer tool :tcpdump,wireshark
Agent tools :fiddler,charles,anyproxyburpsuite,mitmproxy
Analysis tools :curl,postman,chrome Devtool
Caught analysis TCP agreement
tcpdump
tcpdump Is a network transmission of data packets “ head ” Completely intercepted to provide analysis tools . It supports for network layer 、 agreement 、 host 、 Network or port filtering , And provide and、or、not And other logical statements to remove useless information .
Give Way tcpdump Always monitor 443 port , If there is any difference, enter it into log In file
sudo tcpdump port 443 -v -w /tmp/tcp.log
Use this command , Will put the report in the directory /tmp/tcp.log in .
wireshark
wireshark It is also a network sniffing tool , In addition to having tcpdump function , There are more extensions , For example, analysis tools , But in interface testing , The process of capturing packets is often carried out on the server , Servers generally do not provide UI Interface , therefore wireshark Unable to work on server , Can only use tcpdump Grab bag generation log, And then log Import wireshark Use , There is UI Analysis on the client of the interface .
Caught analysis TCP agreement
Grab one http Of get request :
Search on Baidu mp3 http://www.baidu.com/s?wd=mp3
use tcpdump Intercept this get request , And generate log
use wireshark open tcpdump Generated log
Use wireshark see log:
log The first few messages are three handshakes . Because the channel is unreliable , Before sending the data , It is necessary to ensure channel stability , And three handshakes are like the following operations :
The first handshake : When establishing a connection , The client sends syn package (syn=j) To the server , And enter SYN_SENT state , Wait for server to confirm .
The second handshake : Server received syn package , Must confirm customer's SYN(ack=j+1), At the same time, I also send a SYN package (seq=k), namely SYN+ACK package , At this time, the server enters SYN_RECV state ;
The third handshake : Client receives server's SYN+ACK package , Send confirmation package to server ACK(ack=k+1), This package has been sent , Client and server access ESTABLISHED(TCP Successful connection ) state , Complete three handshakes .
After three handshakes , Can further communicate , It looks like this :
At the end of the communication , Four waves are also required :
First wave : The client sends a... To the server FIN, Request to turn off data transfer .
Second wave : The server received... From the client FIN, Send a ACK, among ack The value is equal to the FIN+SEQ.
Third wave : The server sends a... To the client FIN, Tell client application to close .
Fourth wave : The client receives... From the server FIN, Reply to one ACK To the server . among ack The value is equal to the FIN+SEQ.
Be careful : A request may be divided into multiple packets , So is a data , So in wireshark You'll see a lot of bags .
Last : It can be in the official account : Sad spicy bar ! Get one by yourself 216 Page software testing engineer interview guide document information 【 Free of charge 】. And the corresponding video learning tutorial is free to share !, It includes basic knowledge 、Linux necessary 、Shell、 The principles of the Internet 、Mysql database 、 Special topic of bag capturing tools 、 Interface testing tool 、 Test advanced -Python Programming 、Web automated testing 、APP automated testing 、 Interface automation testing 、 Testing advanced continuous integration 、 Test architecture development test framework 、 Performance testing 、 Safety test, etc. .
I recommend one 【Python Automated test communication group :746506216】, We can discuss communication software testing together , Learn software testing together 、 Interview and other aspects of software testing , Help you advance quickly Python automated testing / Test Development , On the road to high pay .
Friends who like software testing , If my blog helps you 、 If you like my blog content , please “ give the thumbs-up ” “ Comment on ” “ Collection ” One Key triple connection !
边栏推荐
- When initializing 'float', what is the difference between converting to 'float' and adding 'f' as a suffix?
- Android interview knowledge points
- Interprocess communication (IPC)
- 'module 'object is not callable error
- Activity生命周期
- Wallhaven wallpaper desktop version
- Verilog design responder [with source code]
- Go redis Middleware
- Array object sorting
- Distributed database master-slave configuration (MySQL)
猜你喜欢
随机推荐
從色情直播到直播電商
QT document
Go slice comparison
TDengine 社区问题双周精选 | 第二期
0.96 inch IIC LCD driver based on stc8g1k08
uniapp 在onLaunch中跳转页面后,点击事件失效解决方法
使用MeterSphere让你的测试工作持续高效
Design intelligent weighing system based on Huawei cloud IOT (STM32)
科普达人丨一文弄懂什么是云计算?
Add a self incrementing sequence number to the antd table component
audit 移植
基于Retrofit框架的金山API翻译功能案例
Table replication in PostgreSQL
Bookmarking - common website navigation for programmers
About the application of writing shell script JSON in JMeter
Activity lifecycle
verilog设计抢答器【附源码】
Project ERROR: Unknown module(s) in QT: core gui
V-for img SRC rendering fails
[untitled]