miceno/sniff-header.sh

Created January 5, 2018 17:24

Star 0 You must be signed in to star a gist
Fork 0 You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/miceno/5253c3f1655ea57f8cbce4d6ba70422c.js"></script>
Save miceno/5253c3f1655ea57f8cbce4d6ba70422c to your computer and use it in GitHub Desktop.

Download ZIP

Sniff HTTP headers directly with tcpdump

Raw

sniff-header.sh

	#!/usr/bin/env bash
	INTERFACE=eno16777984
	PORT=80

	tcpdump -i $INTERFACE -A -s 10240 'tcp port '$PORT' and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' \
	\| egrep --line-buffered "^........(GET \|HTTP\/\|POST \|HEAD )\|^[A-Za-z0-9-]+: " \
	\| sed -r 's/^........(GET \|HTTP\/\|POST \|HEAD )/\n\1/g'

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment