Wireshark packet capturing skills summarized by myself

1、 Pre capture method

1.1、 On the start screen , Click the captured green bookmark icon

1.2、 Click Manage capture filters

1.3、 Edit filter criteria

IP Filter ：

Directly modifying “192.0.2.1” For a given IP, Click on OK complete .

Port filtering ：

Directly modifying 80 The port is the specified port , And then click "OK" complete .

1.4、 Click the bookmark icon , Select the edited filter condition , Select the correct network card option , And then click Enter Start the bag.

2、 Save the captured packets regularly

2.1、 Click on " Capture "–" Options " Button

2.2、 Click on "Output", Select the local path to save the packet , Then select the condition to save the packet . Click when finished " Start "

3、 adopt TCP Filter a message of

Grab message , See the following

Analysis offset ：

from tcp The starting header of the message starts to be analyzed

oxea Is the first TCP message , Corresponding tcp[0], Start counting from here , arrive 0x07 It's No 47 Bytes , To use tcp[46]..