I would like to write a program to extract the URLs of websites visited by a system (an IP address) through packet capture. I think this URL will come in the data section (i.e. not in any of the headers – Ethernet / IP / TCP-UDP). (Such programs are sometimes referred to as HTTP sniffers; I'm not supposed to use any available tool.) As a beginner, I've just now gone through this basic sniffer program: sniffex.c. Can anyone please tell me in which direction I should proceed?
Note: In the info below, assume that GET also includes POST and the other HTTP methods too.
It’s definitely going to be a lot more work than looking at one packet, but if you capture the entire stream you should be able to get it from the HTTP headers sent out.
Try looking at the Host header if that’s provided, and also what is actually requested by the GET. The GET can be either a full URL or just a file name on the server.
Also note that this has nothing to do with getting a domain name from an IP address. If you want the domain name, you have to dig into the data.
Quick example on my machine, from Wireshark:
Another example, not from a browser, and with only a path in the GET:
In the second example, the actual URL is http://example.com/ccnet/XmlStatusReport.aspx
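The rule described in the answer above, as an added C example that is not part of the original post: it takes the first bytes of a reassembled client-to-server TCP payload and rebuilds the URL from the request line and the Host header. The function name `http_request_url` is hypothetical, the sample request is constructed, and the code assumes unencrypted HTTP (with HTTPS the request line and headers are not visible in the capture).

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>   /* strncasecmp (POSIX) */
/* Returns 0 and fills out with the URL, or -1 if buf is not a usable request. */
int http_request_url(const char *buf, size_t len, char *out, size_t outsz)
{
    /* Request line: METHOD SP target SP HTTP/x.y, ending at eol. */
    const char *end = buf + len, *eol = memchr(buf, '\n', len);
    const char *sp1 = eol ? memchr(buf, ' ', (size_t)(eol - buf)) : NULL;
    if (!sp1) return -1;
    const char *tgt = sp1 + 1, *sp2 = memchr(tgt, ' ', (size_t)(eol - tgt));
    if (!sp2 || sp2 == tgt || eol - sp2 < 6 || memcmp(sp2 + 1, "HTTP/", 5))
        return -1;
    size_t tlen = (size_t)(sp2 - tgt);
    /* The request line already carries a full URL: copy it as-is. */
    if (tlen >= 7 && strncasecmp(tgt, "http://", 7) == 0) {
        int n = snprintf(out, outsz, "%.*s", (int)tlen, tgt);
        return (n < 0 || (size_t)n >= outsz) ? -1 : 0;
    }
    /* Only a path: find the Host header (the name is case-insensitive). */
    for (const char *p = eol + 1; p < end; ) {
        const char *le = memchr(p, '\n', (size_t)(end - p));
        if (!le) break;                      /* header line not captured yet */
        size_t l = (size_t)(le - p);
        if (l && p[l - 1] == '\r') l--;
        if (l == 0) break;                   /* blank line ends the headers */
        if (l > 5 && strncasecmp(p, "Host:", 5) == 0) {
            const char *h = p + 5;
            size_t hl = l - 5;
            while (hl && (*h == ' ' || *h == '\t')) { h++; hl--; }
            while (hl && (h[hl - 1] == ' ' || h[hl - 1] == '\t')) hl--;
            int n = snprintf(out, outsz, "http://%.*s%.*s",
                             (int)hl, h, (int)tlen, tgt);
            return (n < 0 || (size_t)n >= outsz) ? -1 : 0;
        }
        p = le + 1;
    }
    return -1;                               /* no Host header seen */
}

int main(void)
{
    /* Constructed request, modelled on the second example above. */
    const char req[] = "GET /ccnet/XmlStatusReport.aspx HTTP/1.1\r\n"
                       "Host: example.com\r\n\r\n";
    char url[256];
    if (http_request_url(req, sizeof req - 1, url, sizeof url) == 0)
        puts(url);
    return 0;
}
```

In a sniffer built on sniffex.c this would be called on the TCP payload of packets sent to port 80; a request whose headers span several segments returns -1 until the segments are concatenated in sequence order.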