Why can't I catch Baidu's data packets
AD |
1414baidu.compingIP$ ping baidu
![](/attached/image1/2023/05/16/377cb2a64d1b2aa2c3571b471a0526d6.webp)
1414
baidu.com
pingIP
$ ping baidu.comPING baidu.com (39.156.66.10) 56(84) bytes of data.64 bytes from 39.156.66.10 (39.156.66.10): icmp_seq=1 ttl=49 time=30.6 ms64 bytes from 39.156.66.10 (39.156.66.10): icmp_seq=2 ttl=49 time=30.6 ms64 bytes from 39.156.66.10 (39.156.66.10): icmp_seq=3 ttl=49 time=30.6 ms
baidu.com39.156.66.10
tcpdumpeth0ip39.156.66.10baidu.pcap
$ tcpdump -i eth0 host 39.156.66.10 -w baidu.pcap
baidu.comcurl
$ curl 'https://baidu.com'
baidu.com
wiresharkbaidu.pcaphttp.host == "baidu.com"
![](/attached/image1/2023/05/16/bb4b6a9c0a2005fd49be545ac90dca56.webp)
HTTPSbaidu.comHTTPHostrequest body
http.host
HTTPSClient Helloserver_name
tls.handshake.extensions_server_name == "baidu.com"
![](/attached/image1/2023/05/16/75d7b6787d94776642cef332af8112c5.webp)
Follow-TCP Stream
![](/attached/image1/2023/05/16/96507e37c9e85f264235273470602a23.webp)
TCP
![](/attached/image1/2023/05/16/22b7d001942ac12fe1a0866228443432.webp)
TCPTLSTCP
18205602844344356028
56028
443HTTPS
HTTP8080
1820baidu.com
URLbody
tcpdump
$ tcpdump -i eth0 host 39.156.66.10 -w baidu.pcap
key
/Users/xiaobaidebug/ssl.key
$ export SSLKEYLOGFILE=/Users/xiaobaidebug/ssl.key
curlchromecurlchrome
$ curl 'https://baidu.com'$ open -a Google Chrome #macchrome
/Users/xiaobaidebug/ssl.key
wireshark
![](/attached/image1/2023/05/16/76b9a7b1fd442a8543136950b5c1f2d4.webp)
ProtocolsTLS
![](/attached/image1/2023/05/16/30384b40bb3c31c35051772b21cb6e33.webp)
ssl.key
![](/attached/image1/2023/05/16/14cac6e40746d88caee738596e9a3e08.webp)
1820
![](/attached/image1/2023/05/16/1082034244565f83280d54091e30e5ef.webp)
http.host == "baidu.com"
![](/attached/image1/2023/05/16/175b5e84cc98a5d94412830e340dec42.webp)
ssl.key
HTTPS
HTTPS
HTTPS
TCPHTTPTCP
TCPHTTPS
HTTPSTLSSSLTLS1.2
TLS""
""
![](/attached/image1/2023/05/16/64507ed307c93ffca93e90af85344dd4.png)
TLS
- Client Hello TLS1.2RSA
- Server Hello + + TLS1.2
- Client Key Exchange: pre_master_key pre_master_key
- Change Cipher Spec: pre_master_key""
- Encrypted Handshake Message""Finished
- Change Cipher Spec pre_master_key""""
- Encrypted Handshake Message""Finished
client random
server random
pre_master_key
""
![](/attached/image1/2023/05/16/d06a5a86bb1b3d200d1d76755e95ffaa.webp)
HTTPS
client random server random pre_master_key
pre_master_key
pre_master_key
pre_master_key
HTTPSTCPHTTPTLSOpenSSLNSSTLS
SSLKEYLOGFILETLSpre_master_key
/Users/xiaobaidebug/ssl.key
![](/attached/image1/2023/05/16/a1997c9035a80002046b5afca4bb9b20.webp)
TLSkeyTLSSSLKEYLOGFILETLSSSLKEYLOGFILEcurlchrome
SSLKEYLOGFILE
ssl.key
# SSL/TLS secrets log file, generated by NSSCLIENT_RANDOM 5709aef8ba36a8eeac72bd6f970a74f7533172c52be41b200ca9b91354bd662b 09d156a5e6c0d246549f6265e73bda72f0d6ee81032eaaa0bac9bea362090800174e0effc93b93c2ffa50cd8a715b0f0CLIENT_RANDOM 57d269386549a4cec7f91158d85ca1376a060ef5a6c2ace04658fe88aec48776 48c16429d362bea157719da5641e2f3f13b0b3fee2695ef2b7cdc71c61958d22414e599c676ca96bbdb30eca49eb488aCLIENT_RANDOM 5fca0f2835cbb5e248d7b3e75180b2b3aff000929e33e5bacf5f5a4bff63bbe5 424e1fcfff35e76d5bf88f21d6c361ee7a9d32cb8f2c60649135fd9b66d569d8c4add6c9d521e148c63977b7a95e8fe8CLIENT_RANDOM be610cb1053e6f3a01aa3b88bc9e8c77a708ae4b0f953b2063ca5f925d673140 c26e3cf83513a830af3d3401241e1bc4fdda187f98ad5ef9e14cae71b0ddec85812a81d793d6ec934b9dcdefa84bdcf3
CLIENT_RANDOMpre_master_key
wiresharkpre_master_key
wiresharkclient random
![](/attached/image1/2023/05/16/012bfb29c355b3e9760a13f4684cd649.webp)
"bff63bbe5"
server random
![](/attached/image1/2023/05/16/2565584a1052df47d98f5fbb9661e7d0.webp)
client randomssl.key
![](/attached/image1/2023/05/16/0c539d6e047db9b9d4c53cc609bf86da.webp)
"bff63bbe5"client random
pre_master_key
wireshark
ssl.keypre_master_keyTLSclient helloHTTPSTLS
- baiduwireshark
- HTTPSHTTPURLRequest Bodyfilterhttp.host == "baidu.com"
- HTTPS3HTTPS
- client randomserver randompre_master_keySSLKEYLOGFILE
- SSLKEYLOGFILEcurlchromeHTTPSTLSsslkeyclient randompre_master_keyclient randompre_master_key
![](/attached/image1/2023/05/16/ce8c740fb0b54a3cd8ffb223cc558617.jpeg)
wireshark
![](/attached/image1/2023/05/16/c32b36f2475d337968d577a189f11e81.jpeg)
wireshark
![](/attached/image1/2023/05/16/4955b573cebd0573e637e877ddd3e75d.webp)
![](/attached/image1/2023/05/16/986072b31f699888b15282614f42d8bf.webp)
No
time
source
destination
protocol
info
http
![](/attached/image1/2023/05/16/1188970cf791d0915e48eca877363b48.webp)
![](/attached/image1/2023/05/16/596b508c31fb26c5a82a2bf731e26033.webp)
![](/attached/image1/2023/05/16/969464bd78dbc37c363ef0354b399b21.webp)
macmacwiresharkmacmac8/01
![](/attached/image1/2023/05/16/a2590bb41b9e33211a250a4c60465aef.webp)
ipipv4DS FieldipTTL
![](/attached/image1/2023/05/16/186c39267ada1cfe34e4adc49dd93743.webp)
seq NumberpayloadTCP80httptcp53bytesACKackseqACK
![](/attached/image1/2023/05/16/acb38852a3e41f35ada3392df70c7210.webp)
http200wireshark
03
Wireshark
ip.addr ipip.srcip.dstIPIPeth.addrmaceth.srceth.dstmacmac
tcp.portudp.portospfospf
andornoteqequal
ip192.168.10.243macf8:48:fd:fc:2e:00
![](/attached/image1/2023/05/16/26ce854cf2d71d7be2f55111761cf094.webp)
dnsdns
![](/attached/image1/2023/05/16/9c2831f6576950a03160d240d8feed6f.webp)
![](/attached/image1/2023/05/16/a85bdcb3070cfb5d0646f26f07cc9595.webp)
![](/attached/image1/2023/05/16/7b86b3bc8cf7e38aea3ab5626e96d422.webp)
ospf
![](/attached/image1/2023/05/16/7d6a33a6cf9ef1694a9655bb544bc4fd.webp)
lsa
![](/attached/image1/2023/05/16/1cf752ecc47af40dc0860c751b92c7ef.webp)
LSULSA
wireshark
Disclaimer: The content of this article is sourced from the internet. The copyright of the text, images, and other materials belongs to the original author. The platform reprints the materials for the purpose of conveying more information. The content of the article is for reference and learning only, and should not be used for commercial purposes. If it infringes on your legitimate rights and interests, please contact us promptly and we will handle it as soon as possible! We respect copyright and are committed to protecting it. Thank you for sharing.(Email:[email protected])
Mobile advertising space rental |
Tag: Why can catch Baidu data packets
Why do some people only focus on the 2-yuan work meal for civil servants and not on the free meal offered by internet giants
NextBrazil starts comprehensive cooperation with Huawei 5G
Guess you like
-
Hisense Refrigerators: Ignite the European Championship with Technological Power, Leading Chinese Brands to the WorldDetail
2024-06-19 14:55:30 11
-
Tencent Cloud Builds a Full-Stack Domestic Software System to Drive Integration and Innovation Across IndustriesDetail
2024-06-19 14:45:48 11
- Detail
- Detail
- Detail
- Detail
- Detail
- Detail
- Detail
-
iPhone X: A Classic ReimaginedDetail
2024-04-07 22:45:37 31
- Detail
-
Mid-Range Smartphones Take a Bold Step with Extreme BrightnessDetail
2024-04-07 22:36:57 21
-
Is Xiaomi car worth buying? Netizens' comments are polarized. Some people think it's good, and some people think it's a pitfallDetail
2024-04-07 18:48:04 31
-
Ele.me Unveils "AI Business Assistant" to Empower Retail Merchants with Data-Driven Decision-MakingDetail
2024-04-03 19:13:32 11
-
Long Queues and Confrontations at Shanghai Apple Store OpeningDetail
2024-04-02 23:38:42 31
- Detail
- Detail
- Detail
-
How to Protect Your Phone Privacy: A Comprehensive Guide for 2024Detail
2024-03-31 14:47:00 51
-
The woman claimed that Xiaomi's phone exploded when charging in the early morning. Netizens claimed that Xiaomi 14 "gets hot after hitting the king", and Lei Jun personally respondedDetail
2023-11-17 09:16:23 11