How to extract raw data from TCP packets using Wireshark


Problem description


Completely new to Wireshark and wondering how to extract the data from the TCP packets which I receive on Wireshark.

I am currently using a Raspberry Pi with Grove sensors and getting the values of pressure and temperature. I am sending these values to a server in the cloud and it is working. I am using Wireshark to trace the packets.

Now I want to extract the data (i.e., the pressure value and temperature value) from the packets and store them in a file for further implementation. Is there a way to do it? If yes, then can anyone please explain? It will be helpful.

Thanks.

Solution

The most convenient way is to save the whole TCP stream into a file. Right-click on any TCP packet of the desired stream, choose "Follow -> TCP Stream", and you will see a window for managing the stream data. You can choose which data to save (one direction or both), which format will be used for output, and so on. Check the picture below:

The other way is to save data from any packet individually. Since you aren't interested in the whole packet, you can select only the payload part. Check the picture below, where I selected the HTTP part of the packet (I marked the field with a red arrow for clarity). In your case, it will be some field with raw data. Once you have highlighted the right field, right-click on it, choose "Copy" and select the desired format. The data will be placed into the buffer, so you need to paste it into some application. If raw binary is chosen as the format, you need an application capable of pasting binary data. I use
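The same extraction can be scripted once the capture is saved as a classic .pcap file. The following is an added example, not part of the original answer: standard-library Python that does what "Follow -> TCP Stream" does, rebuilding each direction's byte stream by sequence number and dropping retransmissions. The function names, addresses, ports and the `key=value` payload format are assumptions, and the sample capture is constructed.

```python
import struct
from collections import defaultdict

def tcp_payloads(pcap):
    """Yield (flow, seq, payload) for each IPv4/TCP segment in a classic pcap on Ethernet."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if endian is None or struct.unpack(endian + "I", pcap[20:24])[0] != 1:
        raise ValueError("expected classic pcap with Ethernet link type (not pcapng)")
    off = 24
    while off + 16 <= len(pcap):
        incl_len = struct.unpack(endian + "I", pcap[off + 8:off + 12])[0]
        frame = pcap[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        ip = frame[14:]
        if frame[12:14] != b"\x08\x00" or len(ip) < 20 or ip[9] != 6:
            continue  # not IPv4/TCP
        ihl, total_len = (ip[0] & 0x0F) * 4, struct.unpack("!H", ip[2:4])[0]
        tcp = ip[ihl:total_len]  # total_len cuts off Ethernet padding on short frames
        if len(tcp) < 20:
            continue
        sport, dport, seq = struct.unpack("!HHI", tcp[:8])
        payload = tcp[(tcp[12] >> 4) * 4:]  # skip TCP header and options
        if payload:
            src, dst = (".".join(map(str, ip[i:i + 4])) for i in (12, 16))
            yield (src, sport, dst, dport), seq, payload

def follow_streams(pcap):
    """Rebuild each direction's byte stream: order by sequence number, drop retransmissions."""
    segs = defaultdict(dict)
    for flow, seq, payload in tcp_payloads(pcap):
        segs[flow].setdefault(seq, payload)  # first copy wins
    # Simplification: no handling of sequence wraparound or partially overlapping segments.
    return {flow: b"".join(s[k] for k in sorted(s)) for flow, s in segs.items()}

# --- constructed sample capture (addresses, ports and readings are made up) ---
def _frame(src, dst, sport, dport, seq, data):
    tcp = struct.pack("!HHIIBBHHH", sport, dport, seq, 0, 5 << 4, 0x18, 8192, 0, 0) + data
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0, src, dst) + tcp
    return (b"\0" * 12 + b"\x08\x00" + ip).ljust(60, b"\0")  # pad to Ethernet minimum

def sample_pcap():
    pi, srv = bytes([192, 0, 2, 10]), bytes([198, 51, 100, 20])
    frames = [_frame(pi, srv, 50000, 9000, 1011, b"pressure=1013.2\n"),  # arrives early
              _frame(pi, srv, 50000, 9000, 1001, b"temp=21.5;"),
              _frame(pi, srv, 50000, 9000, 1001, b"temp=21.5;"),  # retransmission
              _frame(srv, pi, 9000, 50000, 5001, b"OK\n")]  # 57 bytes, padded to 60
    header = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    return header + b"".join(struct.pack("<IIII", 0, 0, len(f), len(f)) + f for f in frames)
```

Calling `follow_streams(open("capture.pcap", "rb").read())` on a real file returns one byte string per direction, which can then be written to disk or parsed for the sensor values; `capture.pcap` is a placeholder name.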
