WireShark HTTP파싱 스크립트

wireshark export packet details-All expanded 에 대한 파싱스크립트

 

* HTTP GET *

==========================================================================================

if( $#ARGV < 0 )
  { die "Supply a file name, please.\n"; }
if( $#ARGV > 0 )
  { die "Too many parameter.\n"; }

$fileName = shift( @ARGV );

if( -d $fileName )
  { die "$fileName is a directory.\n"; }

-e $fileName || die "$fileName is not exist.\n";

-T $fileName || die "$fileName is not a text file.\n";

open( fileHandle, $fileName ) || die "Cannot open $fileName.\n";
$matching = 0;
$i=1;
while($aLine =<fileHandle>)
{
  if($aLine =~/^\s*?GET \//)
  {
    print $i.'.'.$aLine;
    $i = $i+1;
  }
}
close(fileHandle);
==========================================================================================

 

* HTTP Header *

==========================================================================================

if( $#ARGV < 0 )
  { die "Supply a file name, please.\n"; }
if( $#ARGV > 0 )
  { die "Too many parameter.\n"; }

$fileName = shift( @ARGV );

if( -d $fileName )
  { die "$fileName is a directory.\n"; }

-e $fileName || die "$fileName is not exist.\n";

-T $fileName || die "$fileName is not a text file.\n";

open( fileHandle, $fileName ) || die "Cannot open $fileName.\n";
$matching = 0;
$i=0;
while($aLine =<fileHandle>)
{
  if($aLine =~/^\s{4}\\r\\n/)
  {

    $matching = 0;
  }
  if($matching == 1)
  {
    print $i.'.'.$aLine;

   }
  if($aLine =~/Request Version: HTTP\/1\./)
  {
    $matching = 1;
    $i = $i+1;
  }

}
close(fileHandle);

==========================================================================================