以无法检测的方式检查WebSocket框架 [英] Inspecting WebSocket frames in an undetectable way
问题描述
如何以Chrome扩展程序或Firefox插件的方式阅读网页的WebSocket框架,而页面无法检测?
<从Chrome开发工具扩展中检查WebSockets框架制定了一个从Chrome开发工具扩展 WebSockets框架类似的问题,但开发NPAPI插件不再有意义,因为它很快就会被删除。
W的方法完全屏蔽了与页面的任何交互( for Chrome )
即可以取出一些重型火炮并使用 chrome.debugger 。
请注意,使用它会阻止您打开相关页面的开发工具(或者更准确地说,打开开发工具将使其停止工作,因为只有一个d ebugger客户端可以连接)。
这是一个相当低级的API;您需要自己使用调试器协议构建您的查询。另外,相应的事件不在1.1的文档中,您需要查看开发版。您应该能够接收WebSocket事件,并检查它们的 payloadData : p>
{method:Network.webSocketFrameSent,params:{requestId:3080.31,timestamp: 18090.353684,response:{opcode:1,mask:true,payloadData:使用HTML5 WebSocket调整它}}}
{method:Network.webSocketFrameReceived,params :{requestId:3080.31,timestamp:18090.454617,response:{opcode:1,mask:false,payloadData:Rock5.5 WebSocket}} $ b 事实上,这是一个起点,假设 tabId 是你的选项卡,重新感兴趣:
pre $ ch code $ chrome.debugger.attach({tabId:tab.id},1.1,function(){
chrome.debugger.sendCommand({tabId:tabId},Network.enable);
chrome.debugger.onEvent.addListener(onEvent);
});
$ b $函数onEvent(debuggeeId,message,params){
if(tabId!= debuggeeId.tabId)
return;
if(message ==Network.webSocketFrameSent){
//用params.response.payloadData,
做某事//它包含数据SENT
} else if(message ==Network.webSocketFrameReceived){
//用params.response.payloadData,
做一些事情//它包含数据RECEIVED
}
}
我已经测试了这个方法(链接的样例修改如上)并且工作。 >
How I can read WebSocket frames of a web page in a Chrome extension or Firefox add-on, in a way that cannot be detected by the page?
Inspect WebSockets frames from a Chrome Dev Tools extension formulates a similar question, but developing a NPAPI plugin no longer makes sense because it will soon be removed.
There is an alternative to Rob W's method that completely masks any interaction with the page (for Chrome)
Namely, you can take out some heavy artillery and use chrome.debugger.
Note that using it will stop you from opening Dev Tools for the page in question (or, more precisely, opening the Dev Tools will make it stop working, since only one debugger client can connect).
This is a pretty low-level API; you'll need to construct your queries using the debugger protocol yourself. Also, the corresponding events are not in the 1.1 documentation, you'll need to look at the development version.
You should be able to receive WebSocket events like those and examine their payloadData:
{"method":"Network.webSocketFrameSent","params":{"requestId":"3080.31","timestamp":18090.353684,"response":{"opcode":1,"mask":true,"payloadData":"Rock it with HTML5 WebSocket"}}}
{"method":"Network.webSocketFrameReceived","params":{"requestId":"3080.31","timestamp":18090.454617,"response":{"opcode":1,"mask":false,"payloadData":"Rock it with HTML5 WebSocket"}}}
This extension sample should provide a starting point.
In fact, here's a starting point, assuming tabId is the tab you're interested in:
chrome.debugger.attach({tabId:tab.id}, "1.1", function() {
chrome.debugger.sendCommand({tabId:tabId}, "Network.enable");
chrome.debugger.onEvent.addListener(onEvent);
});
function onEvent(debuggeeId, message, params) {
if (tabId != debuggeeId.tabId)
return;
if (message == "Network.webSocketFrameSent") {
// do something with params.response.payloadData,
// it contains the data SENT
} else if (message == "Network.webSocketFrameReceived") {
// do something with params.response.payloadData,
// it contains the data RECEIVED
}
}
I have tested this approach (with the linked sample modified as above) and it works.
这篇关于以无法检测的方式检查WebSocket框架的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
