首先使用wireshark启动抓包,然后以百度为例,访问百度的首页,之后停止抓包,wireshark的fiter框中输入:
http && http.host matches "baidu"
显示出所有针对百度的get请求,在某一条get请求上右键点击“follow tcp stream”,会弹出一个“follow tcp stream”对话框,显示所有与百度交互的http流,其中注意到百度的应答http头如下:
HTTP/1.1 200 OK
Date: Fri, 06 Mar 2015 09:34:02 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: Keep-Alive
Cache-Control: private
Expires: Fri, 06 Mar 2015 09:34:02 GMT
<span style="background-color: rgb(255, 0, 0);">Content-Encoding: gzip</span>
Server: BWS/1.1
BDPAGETYPE: 2
BDQID: 0xaba126000003d5cb
BDUSERID: 44636996
Set-Cookie: BDSVRTM=138; path=/
Set-Cookie: BD_HOME=1; path=/
Set-Cookie: H_PS_PSSID=12633_12749_11076_1457_12692_12694_12716_12721_12729_12736_12738_12743_11089_10633; path=/; domain=.baidu.com
此时,需要会退到wireshark的主窗口,选择file菜单下的export objects->html,这时会显示http objects对话框,如下所示:
根据hostname、filename选择一条,点击save as即可保存成html文件