Is there a possibility that a website's source page can be captured and viewed using Wireshark ? I do not need the header packets, what I am looking for is the full source page of any site that I open while running the Wireshark.
Asked
Active
Viewed 1,117 times
1 Answers
1
Yes - in the list of packets, right-click and say "Follow TCP Stream". For uncompressed content, that's it.
If the content is gzipped, you need to save that output to a file, use a decent text editor (that won't break binary content) to strip away the headers, then run gunzip to decompress it.
(If anyone knows of a way to make Wireshark do all that itself, I'm all ears!)
Edit: Just noticed the 'chunked-encoding' tag... that makes it harder. Editing away the chunk headers in the text editor should be possible, but tedious if there are a lot of them.
RichieHindle
- 272,464
- 47
- 358
- 399
-
1I think what he is looking for is un-GZipped (uncompressed and decoded) reassembled data. Can you name any decent text editor that can strip away the headers (I have used the Notepad++ but failed :-( ). – Abhineet Apr 20 '12 at 16:01
-
@AbhineetK7: I've used SciTE for this job before. – RichieHindle Apr 20 '12 at 17:07