• 接口测试——接口协议抓包分析与mock_L3

    目录:

    1. 弱网测试
      1. ​​​​​​​什么是弱网测试?
      2. 使用 Charles 完成弱网测试
      3. 具体操作:
    2. mock的价值与意义
      1. ​​​​​​​Mock 测试的场景
      2. Mock 测试的价值与意义
      3. Mock 核心要素
    3. mock实战练习
      1. Rewrite 原理
      2. Map Local 原理
      3. Map Remote 原理
    4. 使用curl发送请求
      1. ​​​​​​​​​​​​​​使用 Chrome 开发者工具分析网络请求
      2. HTTP 协议组成
      3. copy as curl的作用
      4. 客户端模拟请求工具
      5. curl 常见用法
      6. 重要参数
      7. 基本参数
      8. 常用命令
      9. 练习
    5. tcpdump与wireshark的使用
      1. ​​​​​​​协议分析工具
      2. tcpdump
      3. WireShark
      4. 抓取访问百度的数据包
      5. 三次握手与四次挥手

    1.弱网测试

    什么是弱网测试?
    • 按照移动的特性,一般应用低于 3G、弱信号的 Wifi 可以划分为弱网
    • 弱网测试是健壮性测试的重要部分,对移动端测试必不可少
    • 弱网测试主要进行弱网状态下的功能测试,同时关注用户体验
    使用 Charles 完成弱网测试
    • 带宽
    • 丢包
    • 延迟

    具体操作:

    1.打开MuMu模拟器

    2.打开Charles

    3.查看ip地址

    点击以下按钮

     弹出ip界面

    4.打开MuMu模拟器的设置

     

    5.打开wifi

    6.点击修改网络

     

    7.设置手动代理,填写上边Charlse的ip地址和端口号,点击保存

    8.此时配置完后,charles会弹出提示框,点击allow,现在可以抓到mumu模拟器的包了

    9.设置弱网:

    点击Throttle Settings

    模拟3G网络

    刷新一下mumu模拟器浏览的网页,可以明显看到网速变慢了,如果3G不合适调试更弱的网试一试

    2.mock的价值与意义

    Mock 测试的场景
    • 前后端数据交互
    • 第三方系统数据交互
    • 硬件设备解耦
    Mock 测试的价值与意义
    • 不依赖第三方数据
    • 节省工作量
    • 节省联调
    Mock 核心要素
    • 匹配规则
    • 模拟响应

    3.mock实战练习

    Rewrite 原理

    Rewrite 实战

    • 场景
      • 修改雪球行情页面的股票名称
    • 设置方法
      • Tools -> Rewrite
      • 勾选 Enable Rewrite
      • 点击下方 Add 按钮新建一个重写的规则
      • 在右侧编辑重写规则
      • 点击 ok 生效

     

    具体操作:

    让charles能够抓到mumu模拟器的包:具体看上边弱网测试的操作

    打开雪球App

    点击行情

    在charles中,点击快捷键 ctrl+f ,输入恒为科技,点击find

    双击查看响应:

    验证响应结果是否正确:

    点击tools,点击rewrite

    点击ok

    刷新mumu模拟器:

    Map Local 原理

    • 场景
      • 修改雪球行情页面的股票名称
    • 操作
      • 准备本地接口响应数据
      • 配置 Map Local
        • 选择要进行 Map Local 的接口
        • 鼠标右键 – 选择 Map Local 选项进入设置界面
        • Map From 填写接口的信息
        • Map To 选择本地文件
      • 修改 Map Local 配置:Tools – Map Local

    保存响应:

    打开看一下响应:

    整理响应格式,修改响应内容:恒为科技改为百度666,保存文件

    点击MapLocal:

    配置maplocal

    刷新mumu模拟器:

    Map Remote 原理

    Map Remote 实战

    • 场景
      • 访问百度,转发至豆瓣
      • 访问开发环境,转发至测试环境
        • 前端:http://stuq.ceshiren.com:8081/#/mapLocal
        • 开发环境接口:http://stuq.ceshiren.com:8089/report/showMapLocal
        • 测试环境接口:http://stuq.ceshiren.com:9098/report/showMapLocal
    • 操作
      • 选择接口,点击鼠标右键,选择 Map Remote 进入到设置页面
      • 设置重定向的接口信息
      • 点击 ok 生效
      • 修改设置:Tools – Map Remote 找对对应接口双击进入修改界面

     

    4.使用curl发送请求

    使用 Chrome 开发者工具分析网络请求

    HTTP 协议组成
    • target:url protocol host port
    • request
      • request:get、post、put、delete、head
      • header: host cookie user-agent
      • get query
      • post body:json xml form
    • response:
      • status line
      • header
      • body 

    copy as curl功能

    copy as curl的作用
    • 把浏览器发送的请求真实的还原出来
    • 附带了认证信息,所以可以脱离浏览器执行
    • 可以方便开发者重放请求、修改参数调试,编写脚本 
    客户端模拟请求工具
    • nc:tcp/udp 协议发送
    • curl:最常使用的 http 请求工具
    • postman:综合性的 http 协议测试工具
    • 代理工具、IDE 工具、浏览器插件工具
    curl 常见用法
    • url=http://www.baidu.com
    • get请求 curl $url
    • post请求 curl -d 'xxx' $url
    • proxy使用 curl -x 'http://127.0.0.1:8080' $url
    重要参数
    • -H "Content-Type: application/json" 消息头设置
    • -u username:password 用户认证
    • -d 要发送的post数据 @file 表示来自于文件
    • --data-urlencode 'page_size=50' 对内容进行url编码
    • -G 把data数据当成get请求的参数发送,长与–data-urlencode结合使用
    • -o 写文件
    • -x 代理 http代理 socks5代理
    • -v verbose 打印更详细日志 -s 关闭一些提示输出
    基本参数
    1. Usage: curl [options...] 
    2. Options: (H) means HTTP/HTTPS only, (F) means FTP only
    3.      --anyauth       Pick "any" authentication method (H)
    4.  -a, --append        Append to target file when uploading (F/SFTP)
    5.      --basic         Use HTTP Basic Authentication (H)
    6.      --cacert FILE   CA certificate to verify peer against (SSL)
    7.      --capath DIR    CA directory to verify peer against (SSL)
    8.  -E, --cert CERT[:PASSWD]  Client certificate file and password (SSL)
    9.      --cert-status   Verify the status of the server certificate (SSL)
    10.      --cert-type TYPE  Certificate file type (DER/PEM/ENG) (SSL)
    11.      --ciphers LIST  SSL ciphers to use (SSL)
    12.      --compressed    Request compressed response (using deflate or gzip)
    13.  -K, --config FILE   Read config from FILE
    14.      --connect-timeout SECONDS  Maximum time allowed for connection
    15.      --connect-to HOST1:PORT1:HOST2:PORT2 Connect to host (network level)
    16.  -C, --continue-at OFFSET  Resumed transfer OFFSET
    17.  -b, --cookie STRING/FILE  Read cookies from STRING/FILE (H)
    18.  -c, --cookie-jar FILE  Write cookies to FILE after operation (H)
    19.      --create-dirs   Create necessary local directory hierarchy
    20.      --crlf          Convert LF to CRLF in upload
    21.      --crlfile FILE  Get a CRL list in PEM format from the given file
    22.  -d, --data DATA     HTTP POST data (H)
    23.      --data-raw DATA  HTTP POST data, '@' allowed (H)
    24.      --data-ascii DATA  HTTP POST ASCII data (H)
    25.      --data-binary DATA  HTTP POST binary data (H)
    26.      --data-urlencode DATA  HTTP POST data url encoded (H)
    27.      --delegation STRING  GSS-API delegation permission
    28.      --digest        Use HTTP Digest Authentication (H)
    29.      --disable-eprt  Inhibit using EPRT or LPRT (F)
    30.      --disable-epsv  Inhibit using EPSV (F)
    31.      --dns-servers   DNS server addrs to use: 1.1.1.1;2.2.2.2
    32.      --dns-interface  Interface to use for DNS requests
    33.      --dns-ipv4-addr  IPv4 address to use for DNS requests, dot notation
    34.      --dns-ipv6-addr  IPv6 address to use for DNS requests, dot notation
    35.  -D, --dump-header FILE  Write the received headers to FILE
    36.      --egd-file FILE  EGD socket path for random data (SSL)
    37.      --engine ENGINE  Crypto engine (use "--engine list" for list) (SSL)
    38.      --expect100-timeout SECONDS How long to wait for 100-continue (H)
    39.  -f, --fail          Fail silently (no output at all) on HTTP errors (H)
    40.      --fail-early    Fail on first transfer error, do not continue
    41.      --false-start   Enable TLS False Start.
    42.  -F, --form CONTENT  Specify HTTP multipart POST data (H)
    43.      --form-string STRING  Specify HTTP multipart POST data (H)
    44.      --ftp-account DATA  Account data string (F)
    45.      --ftp-alternative-to-user COMMAND  String to replace "USER [name]" (F)
    46.      --ftp-create-dirs  Create the remote dirs if not present (F)
    47.      --ftp-method [MULTICWD/NOCWD/SINGLECWD]  Control CWD usage (F)
    48.      --ftp-pasv      Use PASV/EPSV instead of PORT (F)
    49.  -P, --ftp-port ADR  Use PORT with given address instead of PASV (F)
    50.      --ftp-skip-pasv-ip  Skip the IP address for PASV (F)
    51.      --ftp-pret      Send PRET before PASV (for drftpd) (F)
    52.      --ftp-ssl-ccc   Send CCC after authenticating (F)
    53.      --ftp-ssl-ccc-mode ACTIVE/PASSIVE  Set CCC mode (F)
    54.      --ftp-ssl-control  Require SSL/TLS for FTP login, clear for transfer (F)
    55.  -G, --get           Send the -d data with a HTTP GET (H)
    56.  -g, --globoff       Disable URL sequences and ranges using {} and []
    57.  -H, --header LINE   Pass custom header LINE to server (H)
    58.  -I, --head          Show document info only
    59.  -h, --help          This help text
    60.      --hostpubmd5 MD5  Hex-encoded MD5 string of the host public key. (SSH)
    61.  -0, --http1.0       Use HTTP 1.0 (H)
    62.      --http1.1       Use HTTP 1.1 (H)
    63.      --http2         Use HTTP 2 (H)
    64.      --http2-prior-knowledge  Use HTTP 2 without HTTP/1.1 Upgrade (H)
    65.      --ignore-content-length  Ignore the HTTP Content-Length header
    66.  -i, --include       Include protocol headers in the output (H/F)
    67.  -k, --insecure      Allow connections to SSL sites without certs (H)
    68.      --interface INTERFACE  Use network INTERFACE (or address)
    69.  -4, --ipv4          Resolve name to IPv4 address
    70.  -6, --ipv6          Resolve name to IPv6 address
    71.  -j, --junk-session-cookies  Ignore session cookies read from file (H)
    72.      --keepalive-time SECONDS  Wait SECONDS between keepalive probes
    73.      --key KEY       Private key file name (SSL/SSH)
    74.      --key-type TYPE  Private key file type (DER/PEM/ENG) (SSL)
    75.      --krb LEVEL     Enable Kerberos with security LEVEL (F)
    76.      --libcurl FILE  Dump libcurl equivalent code of this command line
    77.      --limit-rate RATE  Limit transfer speed to RATE
    78.  -l, --list-only     List only mode (F/POP3)
    79.      --local-port RANGE  Force use of RANGE for local port numbers
    80.  -L, --location      Follow redirects (H)
    81.      --location-trusted  Like '--location', and send auth to other hosts (H)
    82.      --login-options OPTIONS  Server login options (IMAP, POP3, SMTP)
    83.  -M, --manual        Display the full manual
    84.      --mail-from FROM  Mail from this address (SMTP)
    85.      --mail-rcpt TO  Mail to this/these addresses (SMTP)
    86.      --mail-auth AUTH  Originator address of the original email (SMTP)
    87.      --max-filesize BYTES  Maximum file size to download (H/F)
    88.      --max-redirs NUM  Maximum number of redirects allowed (H)
    89.  -m, --max-time SECONDS  Maximum time allowed for the transfer
    90.      --metalink      Process given URLs as metalink XML file
    91.      --negotiate     Use HTTP Negotiate (SPNEGO) authentication (H)
    92.  -n, --netrc         Must read .netrc for user name and password
    93.      --netrc-optional  Use either .netrc or URL; overrides -n
    94.      --netrc-file FILE  Specify FILE for netrc
    95.  -:, --next          Allows the following URL to use a separate set of options
    96.      --no-alpn       Disable the ALPN TLS extension (H)
    97.  -N, --no-buffer     Disable buffering of the output stream
    98.      --no-keepalive  Disable keepalive use on the connection
    99.      --no-npn        Disable the NPN TLS extension (H)
    100.      --no-sessionid  Disable SSL session-ID reusing (SSL)
    101.      --noproxy       List of hosts which do not use proxy
    102.      --ntlm          Use HTTP NTLM authentication (H)
    103.      --ntlm-wb       Use HTTP NTLM authentication with winbind (H)
    104.      --oauth2-bearer TOKEN  OAuth 2 Bearer Token (IMAP, POP3, SMTP)
    105.  -o, --output FILE   Write to FILE instead of stdout
    106.      --pass PASS     Pass phrase for the private key (SSL/SSH)
    107.      --path-as-is    Do not squash .. sequences in URL path
    108.      --pinnedpubkey FILE/HASHES Public key to verify peer against (SSL)
    109.      --post301       Do not switch to GET after following a 301 redirect (H)
    110.      --post302       Do not switch to GET after following a 302 redirect (H)
    111.      --post303       Do not switch to GET after following a 303 redirect (H)
    112.      --preproxy [PROTOCOL://]HOST[:PORT] Proxy before HTTP(S) proxy
    113.  -#, --progress-bar  Display transfer progress as a progress bar
    114.      --proto PROTOCOLS  Enable/disable PROTOCOLS
    115.      --proto-default PROTOCOL  Use PROTOCOL for any URL missing a scheme
    116.      --proto-redir PROTOCOLS   Enable/disable PROTOCOLS on redirect
    117.  -x, --proxy [PROTOCOL://]HOST[:PORT]  Use proxy on given port
    118.      --proxy-anyauth  Pick "any" proxy authentication method (H)
    119.      --proxy-basic   Use Basic authentication on the proxy (H)
    120.      --proxy-digest  Use Digest authentication on the proxy (H)
    121.      --proxy-cacert FILE CA certificate to verify peer against for proxy (SSL)
    122.      --proxy-capath DIR CA directory to verify peer against for proxy (SSL)
    123.      --proxy-cert CERT[:PASSWD] Client certificate file and password for proxy (SSL)
    124.      --proxy-cert-type TYPE Certificate file type (DER/PEM/ENG) for proxy (SSL)
    125.      --proxy-ciphers LIST SSL ciphers to use for proxy (SSL)
    126.      --proxy-crlfile FILE Get a CRL list in PEM format from the given file for proxy
    127.      --proxy-insecure Allow connections to SSL sites without certs for proxy (H)
    128.      --proxy-key KEY Private key file name for proxy (SSL)
    129.      --proxy-key-type TYPE Private key file type for proxy (DER/PEM/ENG) (SSL)
    130.      --proxy-negotiate  Use HTTP Negotiate (SPNEGO) authentication on the proxy (H)
    131.      --proxy-ntlm    Use NTLM authentication on the proxy (H)
    132.      --proxy-header LINE Pass custom header LINE to proxy (H)
    133.      --proxy-pass PASS Pass phrase for the private key for proxy (SSL)
    134.      --proxy-ssl-allow-beast Allow security flaw to improve interop for proxy (SSL)
    135.      --proxy-tlsv1   Use TLSv1 for proxy (SSL)
    136.      --proxy-tlsuser USER TLS username for proxy
    137.      --proxy-tlspassword STRING TLS password for proxy
    138.      --proxy-tlsauthtype STRING TLS authentication type for proxy (default SRP)
    139.      --proxy-service-name NAME  SPNEGO proxy service name
    140.      --service-name NAME  SPNEGO service name
    141.  -U, --proxy-user USER[:PASSWORD]  Proxy user and password
    142.      --proxy1.0 HOST[:PORT]  Use HTTP/1.0 proxy on given port
    143.  -p, --proxytunnel   Operate through a HTTP proxy tunnel (using CONNECT)
    144.      --pubkey KEY    Public key file name (SSH)
    145.  -Q, --quote CMD     Send command(s) to server before transfer (F/SFTP)
    146.      --random-file FILE  File for reading random data from (SSL)
    147.  -r, --range RANGE   Retrieve only the bytes within RANGE
    148.      --raw           Do HTTP "raw"; no transfer decoding (H)
    149.  -e, --referer       Referer URL (H)
    150.  -J, --remote-header-name  Use the header-provided filename (H)
    151.  -O, --remote-name   Write output to a file named as the remote file
    152.      --remote-name-all  Use the remote file name for all URLs
    153.  -R, --remote-time   Set the remote file's time on the local output
    154.  -X, --request COMMAND  Specify request command to use
    155.      --resolve HOST:PORT:ADDRESS  Force resolve of HOST:PORT to ADDRESS
    156.      --retry NUM   Retry request NUM times if transient problems occur
    157.      --retry-connrefused  Retry on connection refused (use with --retry)
    158.      --retry-delay SECONDS  Wait SECONDS between retries
    159.      --retry-max-time SECONDS  Retry only within this period
    160.      --sasl-ir       Enable initial response in SASL authentication
    161.  -S, --show-error    Show error. With -s, make curl show errors when they occur
    162.  -s, --silent        Silent mode (don't output anything)
    163.      --socks4 HOST[:PORT]  SOCKS4 proxy on given host + port
    164.      --socks4a HOST[:PORT]  SOCKS4a proxy on given host + port
    165.      --socks5 HOST[:PORT]  SOCKS5 proxy on given host + port
    166.      --socks5-hostname HOST[:PORT]  SOCKS5 proxy, pass host name to proxy
    167.      --socks5-gssapi-service NAME  SOCKS5 proxy service name for GSS-API
    168.      --socks5-gssapi-nec  Compatibility with NEC SOCKS5 server
    169.  -Y, --speed-limit RATE  Stop transfers below RATE for 'speed-time' secs
    170.  -y, --speed-time SECONDS  Trigger 'speed-limit' abort after SECONDS (default: 30)
    171.      --ssl           Try SSL/TLS (FTP, IMAP, POP3, SMTP)
    172.      --ssl-reqd      Require SSL/TLS (FTP, IMAP, POP3, SMTP)
    173.  -2, --sslv2         Use SSLv2 (SSL)
    174.  -3, --sslv3         Use SSLv3 (SSL)
    175.      --ssl-allow-beast  Allow security flaw to improve interop (SSL)
    176.      --ssl-no-revoke    Disable cert revocation checks (WinSSL)
    177.      --stderr FILE   Where to redirect stderr (use "-" for stdout)
    178.      --suppress-connect-headers  Suppress proxy CONNECT response headers
    179.      --tcp-nodelay   Use the TCP_NODELAY option
    180.      --tcp-fastopen  Use TCP Fast Open
    181.  -t, --telnet-option OPT=VAL  Set telnet option
    182.      --tftp-blksize VALUE  Set TFTP BLKSIZE option (must be >512)
    183.      --tftp-no-options  Do not send TFTP options requests
    184.  -z, --time-cond TIME   Transfer based on a time condition
    185.  -1, --tlsv1         Use >= TLSv1 (SSL)
    186.      --tlsv1.0       Use TLSv1.0 (SSL)
    187.      --tlsv1.1       Use TLSv1.1 (SSL)
    188.      --tlsv1.2       Use TLSv1.2 (SSL)
    189.      --tlsv1.3       Use TLSv1.3 (SSL)
    190.      --tls-max VERSION  Use TLS up to VERSION (SSL)
    191.      --trace FILE    Write a debug trace to FILE
    192.      --trace-ascii FILE  Like --trace, but without hex output
    193.      --trace-time    Add time stamps to trace/verbose output
    194.      --tr-encoding   Request compressed transfer encoding (H)
    195.  -T, --upload-file FILE  Transfer FILE to destination
    196.      --url URL       URL to work with
    197.  -B, --use-ascii     Use ASCII/text transfer
    198.  -u, --user USER[:PASSWORD]  Server user and password
    199.      --tlsuser USER  TLS username
    200.      --tlspassword STRING  TLS password
    201.      --tlsauthtype STRING  TLS authentication type (default: SRP)
    202.      --unix-socket PATH    Connect through this Unix domain socket
    203.      --abstract-unix-socket PATH Connect to an abstract Unix domain socket
    204.  -A, --user-agent STRING  Send User-Agent STRING to server (H)
    205.  -v, --verbose       Make the operation more talkative
    206.  -V, --version       Show version number and quit
    207.  -w, --write-out FORMAT  Use output FORMAT after completion
    208.      --xattr         Store metadata in extended file attributes
    209.  -q, --disable       Disable .curlrc (must be first parameter)

    常用命令
    1. url=http://www.baidu.com
    2.  
    3. ## get请求加json解析 
    4. curl -s 'https://xueqiu.com/stock/search.json?code=sogo&size=3&page=1' -H 'Connection: keep-alive' -H 'Pragma: no-cache' -H 'Cache-Control: no-cache' -H 'Accept: application/json, text/plain, */*' -H 'Sec-Fetch-Dest: empty' -H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36' -H 'elastic-apm-traceparent: 00-760301b0a132e9a4c0f5ac7448a3419e-8823be75504fc61f-00' -H 'Sec-Fetch-Site: same-origin' -H 'Sec-Fetch-Mode: cors' -H 'Referer: https://xueqiu.com/k?q=sogo' -H 'Accept-Language: zh-CN,zh;q=0.9,en-US;q=0.8,en;q=0.7' -H 'Cookie: device_id=24700f9f1986800ab4fcc880530dd0ed; cookiesu=841584103115161; aliyungf_tc=AQAAAIPytE8aVQoAXhjf3cw3R+j5DD/s; acw_tc=2760824b15851452106833674e25941ad47588d5d7ded79b38a04dad8f9444; xq_a_token=2ee68b782d6ac072e2a24d81406dd950aacaebe3; xqat=2ee68b782d6ac072e2a24d81406dd950aacaebe3; xq_r_token=f9a2c4e43ce1340d624c8b28e3634941c48f1052; xq_id_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJ1aWQiOi0xLCJpc3MiOiJ1YyIsImV4cCI6MTU4NzUyMjY2MSwiY3RtIjoxNTg1MTQ1MTYxMDIwLCJjaWQiOiJkOWQwbjRBWnVwIn0.TPrw6_M2Th9QTVz5spwUybqN1790nJANu9kxXl4GfNb1eQ2p2zD43CStgogOGQ8yRXYmSCfURp0343wgjnnCdnQX5698Jl-brdP94wiYKwv11q8QjBYMXFWJGRj0g69C2nxVrRF8K-ETGEked3KjYfk8Xy2wPuZtyGUhORWeCvMhmBdcRKIlWj4d7wp-w_LjMbSLigJAT29F03wBZIxR0r3eMNUhUsXh8dCsWNb6wzhtg8dT4gcd91mQmR5ToR_SFrzQfOopY4vQGcaOHWaAwUMPLUopZwD4ajWzm1kpoBZnf_n_9uBfT4j0nGk95E8J8EmTfBlq-1p019xkhgp87w; u=431585145210698; Hm_lvt_1db88642e346389874251b5a1eded6e3=1583285031,1584102200,1585145180; Hm_lpvt_1db88642e346389874251b5a1eded6e3=1585145192' --compressed | jq
    5. {
    6.   "q": "sogo",
    7.   "page": 1,
    8.   "size": 3,
    9.   "stocks": [
    10.     {
    11.       "code": "SOGO",
    12.       "name": "搜狗",
    13.       "enName": "",
    14.       "hasexist": "false",
    15.       "flag": null,
    16.       "type": 0,
    17.       "stock_id": 1029472,
    18.       "ind_id": 0,
    19.       "ind_name": "通讯业务",
    20.       "ind_color": null,
    21.       "_source": "sc_1:1:sogo"
    22.     }
    23.   ]
    24. }
    25.  
    26.  
    27. #post请求
    28. curl 'http://sonarqube.testing-studio.com:9000/api/authentication/login' -H 'Connection: keep-alive' -H 'Pragma: no-cache' -H 'Cache-Control: no-cache' -H 'Accept: application/json' -H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36' -H 'Content-Type: application/x-www-form-urlencoded' -H 'Origin: http://sonarqube.testing-studio.com:9000' -H 'Referer: http://sonarqube.testing-studio.com:9000/sessions/new' -H 'Accept-Language: zh-CN,zh;q=0.9,en-US;q=0.8,en;q=0.7' -H 'Cookie: _ga=GA1.2.232181868.1566982077; experimentation_subject_id=IjNlYzgxODQ1LTU2MDAtNGIyNy1iNTgzLTE1MzRkY2IwMDI0ZSI%3D--b1f29d33f6a2c85a81be66e4774d437f710c102f; _gid=GA1.2.482544306.1585051015' --data 'login=admin&password=1234' --compressed --insecure
    29.  
    30. #百度的一个url提交脚本
    31. curl -H 'Content-Type:text/plain' --data-binary @urls.txt "http://data.zz.baidu.com/urls"
    32.  
    33. #对参数编码并发送get请求
    34.     curl -G $url  \
    35.         --data-urlencode "current=$current" \
    36.         --data-urlencode "pageSize=$pageSize" 
    37.  
    38.  
    39. #认证与put上传都ElasticSearch里
    40.     curl -X PUT "$ES_HOST/$index/_doc/$id?pretty" \
    41.         --user username:password \
    42.         -H 'Content-Type: application/json' \
    43.         -d "$content"
    44.  
    45.  
    46. #查看邮箱
    47. curl -s --user $mail_username:$mail_password "imaps://imap.exmail.qq.com/inbox?all"
    练习

    手工向百度发起一个 http 请求 

    5.tcpdump与wireshark的使用

    协议分析工具
    • 网络监听:TcpDump + WireShark
    • 代理 Proxy
      • 推荐工具:手工测试charles [全平台]、安全测试burpsuite [全平台 java]
      • 自动化测试:mitmproxy
      • 其他代理: fiddler [仅windows]、AnyProxy [全平台]
    • 协议客户端工具: curl、postman
    tcpdump
    • 参数:
      • -x 十六进制展示
      • -w file 保存文件
    • 表达式:
      • ip tcp 协议
      • host 主机名
      • port 80
      • src 来源 dst 目的
      • and or () 逻辑表达式

    WireShark

    抓取访问百度的数据包
    • sudo tcpdump host www.baidu.com -w /tmp/tcpdump.log
    • curl http://www.baidu.com
    • 停止tcpdump
    • 使用wireshark打开/tmp/tcpdump.log
    三次握手与四次挥手

      

  • 相关阅读:
    .NET MAUI in Mac
    《财富》500 强企业要求 curl 开源工具作者提供免费及时的支持;基于Chromium的Edge浏览器正在整合文本预测功能 | 开源日报
    Node.js的入门及模块化
    客户端存储localStorage和sessionStorage以及Cookie
    SpringBoot3 整合SpringSecurity
    【FreeRADIUS】使用FreeRADIUS进行SSH身份验证
    c#设计模式-行为型模式 之 中介者模式
    【云原生之Docker实战】使用docker部署Superset数据分析与可视化平台
    LabVIEW将 VI 升级到较新的版本和恢复为先前版本
    入门力扣自学笔记147 C++ (题目编号1598)
  • 原文地址:https://blog.csdn.net/qq_56444564/article/details/133376908