- 三次握手建立连接
- tcp segment of a reassembled pdu
发送N个pdu(Protocol Data Unit), 每个长度1024
- MMS m-send-req (PNG) 向彩信中心发送请求
POST /mms/wapenc HTTP/1.1\r\n
Frame 3388: 326 bytes on wire (2608 bits), 326 bytes captured (2608 bits)
Linux cooked capture
Internet Protocol Version 6, Src: 2607:fb90:80b1:f7d5:f2d1:cf7a:d1ed:de44, Dst: 2607:7700:0:19:0:1:abc:ef8f
Transmission Control Protocol, Src Port: 46782, Dst Port: 80, Seq: 23713, Ack: 1, Len: 238
Source Port: 46782
Destination Port: 80
[Stream index: 73]
[TCP Segment Len: 238]
Sequence number: 23713 (relative sequence number)
[Next sequence number: 23951 (relative sequence number)]
Acknowledgment number: 1 (relative ack number)
1000 .... = Header Length: 32 bytes (8)
Flags: 0x018 (PSH, ACK)
Window size value: 57
[Calculated window size: 29184]
[Window size scaling factor: 512]
Checksum: 0x221b [unverified]
[Checksum Status: Unverified]
Urgent pointer: 0
Options: (12 bytes), No-Operation (NOP), No-Operation (NOP), Timestamps
[SEQ/ACK analysis]
[Timestamps]
TCP payload (238 bytes)
TCP segment data (238 bytes)
[20 Reassembled TCP Segments (23950 bytes): #3332(1248), #3334(1248), #3336(1248), #3338(1248), #3340(1248), #3341(1248), #3342(1248), #3343(1248), #3344(1248), #3345(1248), #3366(1248), #3368(1248), #3370(1248), #3372(1248), #3376(1248), #]
Hypertext Transfer Protocol
POST /mms/wapenc HTTP/1.1\r\n
Host: mms.msg.eng.t-mobile.com\r\n
User-Agent: Nokia 2780/KaiOS 3.1\r\n
Accept: *
- 服务器回答,看ACK=xx,看他回到的哪一个请求
- MMS m-send-conf 彩信中心回答 HTTP/1.1 200 OK
Frame 3427: 448 bytes on wire (3584 bits), 448 bytes captured (3584 bits)
Linux cooked capture
Internet Protocol Version 6, Src: 2607:7700:0:19:0:1:abc:ef8f, Dst: 2607:fb90:80b1:f7d5:f2d1:cf7a:d1ed:de44
Transmission Control Protocol, Src Port: 80, Dst Port: 46782, Seq: 1, Ack: 23951, Len: 360
Source Port: 80
Destination Port: 46782
[Stream index: 73]
[TCP Segment Len: 360]
Sequence number: 1 (relative sequence number)
[Next sequence number: 361 (relative sequence number)]
Acknowledgment number: 23951 (relative ack number)
1000 .... = Header Length: 32 bytes (8)
Flags: 0x018 (PSH, ACK)
Window size value: 44460
[Calculated window size: 177840]
[Window size scaling factor: 4]
Checksum: 0x47aa [unverified]
[Checksum Status: Unverified]
Urgent pointer: 0
Options: (12 bytes), No-Operation (NOP), No-Operation (NOP), Timestamps
[SEQ/ACK analysis]
[Timestamps]
TCP payload (360 bytes)
Hypertext Transfer Protocol
HTTP/1.1 200 OK\r\n
content-type: application/vnd.wap.mms-message\r\n
content-length: 130\r\n
Vary: Accept-Encoding\r\n
Content-Encoding: gzip\r\n
Connection: close\r\n
Date: Thu, 25 Aug 2022 20:32:19 GMT\r\n
Server: Mavenir Web Application Server\r\n
\r\n
[HTTP response 1/1]
[Time since request: 0.208767000 seconds]
[Request in frame: 3388]
[Request URI: http:
Content-encoded entity body (gzip): 130 bytes -> 115 bytes
File Data: 115 bytes
MMS Message Encapsulation, Type: m-send-conf
- 四次挥手结束
小结, 主要分析与彩信中心通信, 搜索mmse, 看 m-send-req和m-send-conf