Dariusz on Software

Methods and Tools

About This Site

Software development stuff


Use tcpdump to sniff HTTP requests
Wed, 10 Apr 2013 08:04:12 +0000

Sometimes you are interested if the software issues proper HTTP requests to the server. You have three options here:

  1. checking client logs and assume all HTTP requests are reported
  2. checking server logs to see what have been issued
  3. using tcpdump for traffic monitoring

I'll show you 3rd method - it's useful if you don't have access to server nor to client logs.

$ sudo tcpdump -s 1024 -l -A dst -i eth0 | grep HTTP
..Hp.c..GET /url/path?param1=value1&OpCode=add&ChannelID=101434 HTTP/1.1
.....c.*GET /url/path?param2=value2&OpCode=add&ChannelID=101434 HTTP/1.1 is the server IP address.

Pretty simple and more elegant solution than using full wireshark (and you can use it having only console access).

Tags: networking.


Created by Chronicle v3.5