-1

Is there a way to take the web page content with the TCPDump?

E.g: I'm going to google.com and seaching for "test something testing". So, I go to the terminal and use the command: "tcpdump -A -c 200". Then I refresh the google page so the tcpdump can take the packages.

The output of the tcpdump are many random characters...

I was hoping to find some of the words that I searched before, but that was unsuccessful.

Does anyone know if there is a way to do it?

Thanks in advance.

Rodrigo Marques
  • 164
  • 1
  • 3
  • What are you looking for exactly in the packet you capture? Whole content as HTML? Other data sent? –  Sep 03 '14 at 18:50
  • Hey Carlier, I'm trying to take the output of the tcpdump in a text format. I know how to take the headers and other things, but what I really want is the content of the page. Like, I searched for "test something testing", so in the output should appear some of these words you know? As I said to the user3270760, a friend of mine said that he did it before but he doesn't remember how to do it anymore. I'm searching about it for about a week and couldn't find anything about it. – Rodrigo Marques Sep 04 '14 at 18:01

1 Answers1

0

Check out the ngrep utility. It might be more like what you are looking for. Here is some information on it: http://ngrep.sourceforge.net/usage.html

user3270760
  • 1,444
  • 5
  • 23
  • 45
  • Hey, thanks for the tip. But I've tryed the ngrep and tcpflow before and they didn't do exactly what I want. What I'm trying to do is to take the whole content (or most part of it) of the page in the tcpdump output in a text format. I'm not sure if it's possible to do such thing, but a friend of mine told me that he did it once but he doesn't remember how... – Rodrigo Marques Sep 04 '14 at 17:58