Showing posts from February 12, 2012

tcpdump to grab http headers from a specific domain

If you find tcpdump a very useful tool and you like to work in the shell or in a terminal, let's say you're into hacking, it's useful to sneak a look at the packets using tcpdump. To grab the headers with tcpdump, you can use the commands below:

    $> for((i=0;i<13;i++)) { clear; }   # can also be done by `while(true) do clear; done`, then press ctrl+c to stop
    $> tcpdump -i en1 -s 1024 -l -A 'port 80 and host domain.com'

where

    -i  specifies the interface
    -s  specifies the number of bytes that you want to snarf or sneak. From the man page: "Snarf snaplen bytes of data from each packet rather than the default of 68"
    -l  prints the buffered result to stdout
    -A  From the man page: "Print each packet (minus its link level header) in ASCII.  Handy for capturing web pages."

The string enclosed in single quotes is the rule that I wanted to apply: grab or filter packets from port 80 and host domain.com. Just change "doma
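An added example, not part of the original post: a shell function that reduces the `-A` output of the tcpdump command above to HTTP/1.x start lines and headers, masking Cookie and Authorization values so the result can be shared. The names `http_headers` and `sample_capture` are hypothetical, and the sample capture is constructed.

```shell
#!/bin/sh
# Added example. Usage (command from the post):
#   tcpdump -i en1 -s 1024 -l -A 'port 80 and host domain.com' | http_headers
# Keeps only HTTP start lines and headers from `tcpdump -A` text on stdin;
# Cookie/Authorization values are masked so the output is safe to share.
http_headers() {
    awk '
    # A packet summary line (leading timestamp) starts a new packet.
    /^[0-9][0-9]:[0-9][0-9]:[0-9][0-9]\.[0-9]+ / { in_hdr = 0; next }
    {
        # -A prints the IP/TCP header bytes as junk before the payload,
        # so find the request or status line anywhere and drop the prefix.
        if (match($0, /(GET|HEAD|POST|PUT|DELETE|OPTIONS|PATCH) [^ ]+ HTTP\/1\.[01]/) ||
            match($0, /HTTP\/1\.[01] [1-5][0-9][0-9]/)) {
            print substr($0, RSTART); in_hdr = 1; next
        }
    }
    in_hdr && /^[A-Za-z][A-Za-z0-9-]*: / {
        colon = index($0, ":")
        name = tolower(substr($0, 1, colon - 1))
        if (name == "cookie" || name == "set-cookie" || name == "authorization")
            print substr($0, 1, colon) " [masked]"
        else
            print
        next
    }
    # A blank line or body data ends the header block.
    { in_hdr = 0 }
    '
}

# Constructed sample of -A output (documentation addresses, made-up values).
sample_capture() {
    cat <<'EOF'
12:00:01.000001 IP 192.0.2.10.51234 > 198.51.100.7.80: Flags [P.], seq 1:98, ack 1, win 229, length 97
E.....@.@.............P......GET /login HTTP/1.1
Host: domain.com
Cookie: session=constructed-value

12:00:01.050002 IP 198.51.100.7.80 > 192.0.2.10.51234: Flags [P.], seq 1:95, ack 98, win 227, length 94
E.....@.8......P.............HTTP/1.1 200 OK
Content-Type: text/html
Set-Cookie: session=constructed-value2

<html>
EOF
}

sample_capture | http_headers
```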