分析发彩信tcp/ip数据包

艾燕

于 2022-08-26 15:00:24 发布

阅读量899

点赞数

文章标签： tcp/ip 网络服务器

本文链接：https://blog.csdn.net/Tifa_Ai/article/details/126543583

版权

三次握手建立连接
tcp segment of a reassembled pdu
发送N个pdu（Protocol Data Unit），每个长度1024
MMS m-send-req (PNG) 向彩信中心发送请求
POST /mms/wapenc HTTP/1.1\r\n

Frame 3388: 326 bytes on wire (2608 bits), 326 bytes captured (2608 bits)
Linux cooked capture
Internet Protocol Version 6, Src: 2607:fb90:80b1:f7d5:f2d1:cf7a:d1ed:de44, Dst: 2607:7700:0:19:0:1:abc:ef8f
Transmission Control Protocol, Src Port: 46782, Dst Port: 80, Seq: 23713, Ack: 1, Len: 238
    Source Port: 46782
    Destination Port: 80
    [Stream index: 73]
    [TCP Segment Len: 238]
    Sequence number: 23713    (relative sequence number)
    [Next sequence number: 23951    (relative sequence number)]
    Acknowledgment number: 1    (relative ack number)
    1000 .... = Header Length: 32 bytes (8)
    Flags: 0x018 (PSH, ACK)
    Window size value: 57
    [Calculated window size: 29184]
    [Window size scaling factor: 512]
    Checksum: 0x221b [unverified]
    [Checksum Status: Unverified]
    Urgent pointer: 0
    Options: (12 bytes), No-Operation (NOP), No-Operation (NOP), Timestamps
    [SEQ/ACK analysis]
    [Timestamps]
    TCP payload (238 bytes)
    TCP segment data (238 bytes)
[20 Reassembled TCP Segments (23950 bytes): #3332(1248), #3334(1248), #3336(1248), #3338(1248), #3340(1248), #3341(1248), #3342(1248), #3343(1248), #3344(1248), #3345(1248), #3366(1248), #3368(1248), #3370(1248), #3372(1248), #3376(1248), #]
Hypertext Transfer Protocol
    POST /mms/wapenc HTTP/1.1\r\n
    Host: mms.msg.eng.t-mobile.com\r\n
    User-Agent: Nokia 2780/KaiOS 3.1\r\n
    Accept: */*\r\n
    Accept-Language: en-US,en;q=0.5\r\n
    Accept-Encoding: gzip, deflate\r\n
    Content-Type: application/vnd.wap.mms-message\r\n
    Content-Length: 23602\r\n
    x-wap-profile: http://useragentprofile.hmdglobal.com/uaprof/NokiaN139DLr100.xml\r\n
    Connection: keep-alive\r\n
    \r\n
    [Full request URI: http://mms.msg.eng.t-mobile.com/mms/wapenc]
    [HTTP request 1/1]
    [Response in frame: 3427]
    File Data: 23602 bytes
MMS Message Encapsulation, Type: m-send-req

服务器回答，看ACK=xx，看他回到的哪一个请求
MMS m-send-conf 彩信中心回答 HTTP/1.1 200 OK

Frame 3427: 448 bytes on wire (3584 bits), 448 bytes captured (3584 bits)
Linux cooked capture
Internet Protocol Version 6, Src: 2607:7700:0:19:0:1:abc:ef8f, Dst: 2607:fb90:80b1:f7d5:f2d1:cf7a:d1ed:de44
Transmission Control Protocol, Src Port: 80, Dst Port: 46782, Seq: 1, Ack: 23951, Len: 360
    Source Port: 80
    Destination Port: 46782
    [Stream index: 73]
    [TCP Segment Len: 360]
    Sequence number: 1    (relative sequence number)
    [Next sequence number: 361    (relative sequence number)]
    Acknowledgment number: 23951    (relative ack number)
    1000 .... = Header Length: 32 bytes (8)
    Flags: 0x018 (PSH, ACK)
    Window size value: 44460
    [Calculated window size: 177840]
    [Window size scaling factor: 4]
    Checksum: 0x47aa [unverified]
    [Checksum Status: Unverified]
    Urgent pointer: 0
    Options: (12 bytes), No-Operation (NOP), No-Operation (NOP), Timestamps
    [SEQ/ACK analysis]
    [Timestamps]
    TCP payload (360 bytes)
Hypertext Transfer Protocol
    HTTP/1.1 200 OK\r\n
    content-type: application/vnd.wap.mms-message\r\n
    content-length: 130\r\n
    Vary: Accept-Encoding\r\n
    Content-Encoding: gzip\r\n
    Connection: close\r\n
    Date: Thu, 25 Aug 2022 20:32:19 GMT\r\n
    Server: Mavenir Web Application Server\r\n
    \r\n
    [HTTP response 1/1]
    [Time since request: 0.208767000 seconds]
    [Request in frame: 3388]
    [Request URI: http://mms.msg.eng.t-mobile.com/mms/wapenc]
    Content-encoded entity body (gzip): 130 bytes -> 115 bytes
    File Data: 115 bytes
MMS Message Encapsulation, Type: m-send-conf