Friday, January 23, 2009

httpry - http packet sniffer logging

source : http://www.packetstormsecurity.com/sniffers/httpry-0.1.4.tar.gz

Description:
httpry is a specialized packet sniffer designed for displaying and logging HTTP traffic. It is not intended to perform analysis itself, but instead to capture, parse, and log the traffic for later analysis. It can be run in real-time displaying the live traffic on the wire, or as a daemon process that logs to an output file. It is written to be as lightweight and flexible as possible, so that it can be easily adaptable to different applications. It does not display the raw HTTP data transferred, but instead focuses on parsing and displaying the request/response line along with associated header fields.
Author: Dumpster Keeper
Homepage: http://dumpsterventures.com/jason/httpry/
Changes: Adds a few nice improvements to the base program. The biggest change is that the program now defaults to parsing all standard HTTP methods.
File Size: 44477
Last Modified: Jan 13 19:13:48 2009
MD5 Checksum: ab5cdae9317908bac3c67fb9f26cf00e

extract

make
make install


root@boc [~/httpry-0.1.4]# ./httpry -i eth1
httpry version 0.1.4 -- HTTP logging and information retrieval tool
Copyright (c) 2005-2009 Jason Bittel
Starting capture on eth1 interface
2009-01-23 14:57:41 10.11.12.66 10.11.21.200 > GET 10.11.21.200 / HTTP/1.1 - -
2009-01-23 14:57:41 10.11.21.200 10.11.12.66 < - - - HTTP/1.1 200 OK
2009-01-23 15:00:25 10.11.12.66 10.11.21.200 > GET 10.11.21.200 / HTTP/1.1 - -
2009-01-23 15:00:25 10.11.21.200 10.11.12.66 < - - - HTTP/1.1 200 OK
2009-01-23 15:01:02 10.11.12.66 10.11.21.200 > POST 10.11.21.200 /index.php HTTP/1.1 - -
2009-01-23 15:01:02 10.11.21.200 10.11.12.66 < - - - HTTP/1.1 200 OK
2009-01-23 15:01:06 10.11.12.66 10.11.21.200 > POST 10.11.21.200 /index.php HTTP/1.1 - -
2009-01-23 15:01:06 10.11.21.200 10.11.12.66 < - - - HTTP/1.1 200 OK
2009-01-23 15:01:06 10.11.21.200 10.11.12.66 < - - - HTTP/1.1 200 OK
2009-01-23 15:01:07 10.11.21.200 10.11.12.66 < - - - HTTP/1.1 200 OK
2009-01-23 15:01:16 10.11.12.66 10.11.21.200 > POST 10.11.21.200 /index.php HTTP/1.1 - -
2009-01-23 15:01:32 10.11.21.200 10.11.12.66 < - - - HTTP/1.1 200 OK
2009-01-23 15:28:42 10.11.21.200 10.11.15.171 > GET yum.telkom.net.id /rhe5-i386/epel/repodata/repomd.xml HTTP/1.1 - -
2009-01-23 15:28:42 10.11.15.171 10.11.21.200 < - - - HTTP/1.1 200 OK
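
For the later analysis the description mentions, log lines in this shape can be parsed and each response paired with the request it answers. This is an added example, not part of the original post or of httpry; the field names, the first-in-first-out pairing by IP pair (the output shown carries no ports) and the constructed sample lines are assumptions.

```python
from collections import Counter, deque
from datetime import datetime

FIELDS = "date time src dst direction method host uri version status reason".split()

# Constructed sample in the shape of the capture above; the 404 line is
# invented to show a reason phrase that contains a space.
SAMPLE = """\
httpry version 0.1.4 -- HTTP logging and information retrieval tool
2009-01-23 14:57:41 10.11.12.66 10.11.21.200 > GET 10.11.21.200 / HTTP/1.1 - -
2009-01-23 14:57:41 10.11.21.200 10.11.12.66 < - - - HTTP/1.1 200 OK
2009-01-23 15:01:06 10.11.12.66 10.11.21.200 > POST 10.11.21.200 /index.php HTTP/1.1 - -
2009-01-23 15:01:06 10.11.21.200 10.11.12.66 < - - - HTTP/1.1 200 OK
2009-01-23 15:01:07 10.11.21.200 10.11.12.66 < - - - HTTP/1.1 200 OK
2009-01-23 15:01:16 10.11.12.66 10.11.21.200 > POST 10.11.21.200 /index.php HTTP/1.1 - -
2009-01-23 15:01:32 10.11.21.200 10.11.12.66 < - - - HTTP/1.1 404 Not Found
"""

def parse_line(line):
    """Return a dict for one log line, or None for banner or malformed lines."""
    parts = line.split(None, 10)  # keep a multi-word reason phrase in one field
    if len(parts) != 11 or parts[4] not in (">", "<"):
        return None
    rec = dict(zip(FIELDS, (p.strip() for p in parts)))
    try:
        rec["ts"] = datetime.strptime(rec["date"] + " " + rec["time"], "%Y-%m-%d %H:%M:%S")
    except ValueError:
        return None
    return rec

def analyze(text):
    """Pair each response with the oldest open request between the same two IPs."""
    pending, pairs, orphans, methods = {}, [], [], Counter()
    for rec in filter(None, map(parse_line, text.splitlines())):
        if rec["direction"] == ">":
            methods[(rec["src"], rec["method"])] += 1
            pending.setdefault((rec["src"], rec["dst"]), deque()).append(rec)
            continue
        queue = pending.get((rec["dst"], rec["src"]))
        if queue:
            req = queue.popleft()
            pairs.append((req, rec, (rec["ts"] - req["ts"]).total_seconds()))
        else:
            orphans.append(rec)  # response whose request was not captured
    unanswered = [r for q in pending.values() for r in q]
    return {"pairs": pairs, "orphans": orphans, "unanswered": unanswered, "methods": methods}

if __name__ == "__main__":
    for req, resp, secs in analyze(SAMPLE)["pairs"]:
        print(req["src"], req["method"], req["host"] + req["uri"], resp["status"], secs)
```

Responses left in `orphans` and requests left in `unanswered` mark gaps in the capture or slow endpoints, so they are the first entries to review.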

keep analyzing ....

Lately I've been enjoying reading packetstormsecurity, an audit site I had left behind for a long time .... finally reading it again ....
