智能TCL电视机在线数据抓包

智能TCL电视机在线数据抓包 电视抓包 为了捕捉电视开机到打开天气预报节目的过程中都 传输了哪些数据。 一,实验环境: 电视:TCL58 IP为192.168.100.111 虚拟机:linux5系统Redhat IP为192.168.100.24 二,实现过程 电视:设置网关192.168.100.24 虚拟机:echo1/proc/sys//ipv4/ip_forward iptables-tnat-APOSTROUTING-s192.168.100.111-jMASQUERADE tcpdump-ieth0-nn-vv-tttt-s65535host192.168.100.111-wtcpdump.txt 目录 三,电视抓包... 1、电视开机，通过ARP协议广播查找谁是网关 192.168.100.24，获取网关的mac地址2 2、通过DNS,请求域名main.cedock，告诉电视该域 名的IP124.40.120.20.3 3.电视向cedock/service.asmx/IPTV2(124.40.120.20)(main.cedock)的http的端口发送一 个post请求，回应了数据，传输成功，从内容中看出传 回了两个img2的URL.3 4、通过DNS请求域名 hub5sr.em.sandai/hub5pn.em.sandai,4 DNS回应两个域名的IP地址hub5sr.em.sandai(123.129.242.168)...4 hub5pn.em.sandai(122.143.5.58)...4 5、电视向em.sandai:80/HTTP/IP(123.129.242.168) 发送一个post请求数据，数据传输，回应数据传输成功...5 6、122.143.5.58(hub5pn.em.sandai)向电视数据传输...7 7、em.sandai:80/(123.129.242.168)传输数据给电视，电视接收数据，回应了数据传输成功7 8、电视向DNS请求域名为license.em.xunlei的IP(60.217.235.190)...9 数据传输...9 9、电视向DNS请求域名为hub5u.em.sandai的IP地址，传输数据...9 10、电视再次向cedock/service.asmx/IPTV2 (124.40.120.20)的http端口发送一个post请求数据，cedock/service.asmx/IPTV2回应，数据传输成功...10 11、电视向DNS请求域名为service.cedock的IP，回应IP(124.40.120.12)，电视向13 cedock/weather/Getweather.action的http端口发送一个post请求，回应数据传输成功，而且从数据中可以读取到近三天的气温...13 四.实验数据: 1、电视开机，通过ARP协议广播查找谁是网关192.168.100.24，获取网关的mac地址 2、通过DNS,请求域名main.cedock，告诉电视该域 名的IP124.40.120.20 .............main.cedock.................. main.cedock.................|(x..............ns1...............ns2...=..........|(x8.O..........n... 3.电视向cedock/service.asmx/IPTV2(124.40.120.20)(main.cedock)的http的端口发送一 个post请求，回应了数据，传输成功，从内容中看出传 回了两个img2的URL POST/service.asmx/IPTV2HTTP/1.1 Host:main.cedock Aept:*/* User-Agent:Mozilla/4.0(patible;MSIE5.0;Windows98) Pragma:no-cache Cache-Control:no-cache Content-Length:526 Content-Type:application/x-www-form-urlencoded Connection:close xmlString=%3C%3Fxml+version%3D%221.0%22+encoding%3D%22utf-8%22%3F%3E%3Crequest+website%3D%22http%3A//main.cedock%22%3E%3Cparameter+type%3D%22Login%22+language%3D%22zh-CN%22%3E%3Cclient+type%3D%22MS58A%22+id%3D%22E019309481C9C04F38517EA44BD67C5EAB761890%22+keytoken%3D%227A35F6578B621EFEC4982DB829BD15824421F25C%22+keytype%3D%220%22+ver%3D%22V8-0MS5802-LF1V045%22/%3E%3Cuser+type%3D%22Normal%22+id%3D%221714829%22+keytoken%3D%22E63D4D648DB3A5826AB54E96A52F679F7480C69C%22+keytype%3D%220%22/%3E%3C/parameter%3E%3C/request%3E HTTP/1.1200OK Server:nginx/1.0.11 Date:Fri,24Feb201202:08:02GMT Content-Type:text/xml;charset=utf-8 Connection:close X-Powered-By:ASP.NET X-AspNet-Version:2.0.50727 Cache-Control:private,max-age=0 Content-Length:559 <xmlversion="1.0"encoding="utf-8" <responsewebsite="cedock/service.asmx/IPTV2" <errortype="false"note=""servertime="2012-02-2410:07:59"/ <clienttype="ms58a"activatekey="rvCSY0zxbxsN3VhfBFiPr4PD6wXaqWpL"/ <serverlanguage="zh-" <channeltype="update"url="cedock/update/no_update.xml"lasttime="2009-4-2710:20:25"/ </server <serverlanguage="en" <channeltype="update"url="cedock/update/no _update.xml"lasttime="2009-4-2710:20:25"/ </server </response 4、通过DNS请求域名 hub5sr.em.sandai/hub5pn.em.sandai,DNS回应两个域名 的IP地址hub5sr.em.sandai(123.129.242.168) hub5pn.em.sandai(122.143.5.58) 5、电视向em.sandai:80/HTTP/IP(123.129.242.168) 发送一个post请求数据，数据传输，回应数据 POSTem.sandai:80/HTTP/1.1 Content-Length:124 Content-Type:application/octet-stream Connection:Close 6.......p....d...$..8.....g.4$%Hs5..RC.eo.I......9.....g)A...<.g.j...5B........ZLr....-KH..A;....L~......C....f...._.[..... HTTP/1.1200OK Content-Length:2092 Content-Type:application/octet-stream Connection:Close 6...........z...[...+...l...7"...BZxL*T.$.......G............Z8...3. ....e.,.M..."b|..V...R..p)9I(.a........E.M....{.e....,.......y..p.$........t...........BGi..`.3..&6.l..u.qe..+.Cd.... ...|Z.J.v....@9mK..w.......v.x...|....+!,5.a.p.....4*.r.U..].:O|.............T.*.$.....`..o.4..u~.*.....q|.k..)/..T...5......l..v..J4..F.....<...}lc.=8..Yj....C..%.zn..t&39;...L......N......."&39;.[...6h..{...;....L.....6..V.K.I..Y....P......o..OW.x.i+!d...2.2...3.LCR.YG.V.Yi<`...Fg. .k...F&39;..k.......$..U...rw.%.........L.....@A&c6......N......J|..Wk..r..*.~._......FM@.j.BQ.kX......0.Z.T..}.0....).{.k.J..9.&N......:W./...&.z....W..H..wc....G.(.2.0.I..+...k...FC&C..w....8..N..Zt.~[.A..........S.")`.FD....;...`d.....7Ef.....y.R..S..NS.c....[J..OC..._h.T!..`....~.i........sj.Go.H......6...`e<.&39;.e.fkYj.b....E2<M].%`e^E..S......j...G..l...0.L.xV..V.....%&39;...../..p...Q...h.....+`......x..xDA......zt.N&...SFE..,&..b...:M......!...a.4mh..P.9..]...5.A~m..n..*..Tr.. .F&39;R.....S..0..D@...`....+...&39;.%.Z..R..w4....G........E...... ..H$8.b..l..W.:...F...J..8L~...Z......m..o.t8O..<N.......*.&.Z..ft..... ..^i_.u....:.....@V.*.b"r.@....]&......1.X.....H/....W.p.%U.....A%.RVn"..j-]h...e..,.)).2.........(...........X...=/.)..e.K@,.s1..82....|( a.7J...... G...r.....K.T2G.x.dazI..u=8...V*.L..v...m.....1.8.........=......h....."..e.T.....mF/n0..}..)O...p..`.,,..P...../.....x.W.y....).$.e.......-.}..Z.os.=Q_)..2&39;.......Iyl.........+..,.$.....o.......QC.b......B......2.^.4_.M....q6%.u9j..)...,I+.r.b.@... .A.6C........k...V5S.Y..2....[&../....D.....U.X+..5T|29.N Xw...%..4..c.y...F;.......^...O..-t..R.u$.r..&U..^.:....xQ......t.n`+.6...o"b..B.U.*d....."T..:.T`_.."*)x..[.di.}....../.b`.h5...,...4..vr5....$r...2.....!.W..a...e......s[w7J..........Q`M....D.........Td...O..,D..-..w(}h................J.6N..........d8Z.E.`...2.....7.... ..3.G.9.....;$....]......9......J...q..a......E....;.0.k.........:n$......=..Qb..[....6..b..4..+|.)@;.........8....u.r.....oTpD......!j.P...`.T..P.h...,..;..A...V.w/!...W...e,..M..H0|im.pF.^.. D.....u.Hg....B_............Lg....,*..P.V8L+ 电视向em.sandai:80/HTTP/发送post请求，回应数 据传输成功 POSTem.sandai:80/HTTP/1.1 Content-Length:124 Content-Type:application/octet-stream Connection:Close 6.......p....d...$..8.....g.4$%Hs5..RC.eo.I......9.....g)A...<.g.j...5B........ZLr....-KH..A;....L~......C....f...._.[..... HTTP/1.1200OK Content-Length:2092 Content-Type:application/octet-stream Connection:Close 6...........z...[...+...l...7"...BZxL*T.$.......G............Z8...3. ....e.,.M..."b|..V...R..p)9I(.a........E.M....{.e....,.......y..p.$........t...........BGi..`.3..&6.l..u.qe..+.Cd.... ...|Z.J.v....@9mK..w.......v.x...|....+!,5.a. p.....4*.r.U..].:O|.............T.*.$.....`..o.4..u~.*.....q|.k..)/..T...5......l..v..J4..F.....<...}lc.=8..Yj....C..%.zn..t&39;...L......N......."&39;.[...6h..{...;....L.....6..V.K.I..Y....P......o..OW.x.i+!d...2.2...3.LCR.YG.V.Yi<`...Fg..k...F&39;..k.......$..U...rw.%.........L.....@A&c6......N......J|..Wk..r..*.~._......FM@.j.BQ.kX......0.Z.T..}.0....).{.k.J..9.&N......:W./...&.z....W..H..wc....G.(.2.0.I..+...k...FC&C..w....8..N..Zt.~[.A..........S.")`.FD....;...`d.....7Ef.....y.R..S..NS.c....[J..OC..._h.T!..`....~.i........sj.Go.H......6...`e<.&39;.e.fkYj.b....E2<M].%`e^E..S......j...G..l...0.L.xV. .V.....%&39;...../..p...Q...h.....+`......x..xDA......zt.N&...SFE..,&..b...:M......!...a.4mh..P.9..]...5.A~m..n..*..Tr.. .F&39;R.....S..0..D@...`....+...&39;.%.Z..R..w4....G........E...... ..H$8.b..l..W.:...F...J..8L~...Z......m..o.t8O..<N.......*.&.Z..ft..... ..^i_.u....:.....@V.*.b"r.@....]&......1.X.....H/....W.p.%U.....A%.RVn"..j-]h...e..,.)).2.........(...........X...=/.)..e.K@,.s1..82....|( a.7J...... G...r.....K.T2G.x.dazI..u=8...V*.L..v...m.....1.8.........=......h....."..e.T.....mF/n0..}..)O...p..`.,,..P...../.....x.W.y....).$.e.......-.}..Z.os.=Q_)..2&39;.......Iyl.........+..,.$.....o.......QC.b......B......2.^.4_.M....q6%.u9j..)...,I+.r.b.@... .A.6C........k...V5S.Y..2....[&../....D.....U.X+..5T|29.N Xw...%..4..c.y...F;.......^...O..-t..R.u$.r..&U..^.:....xQ......t.n`+.6...o"b..B.U.*d....."T..:.T`_.."*)x..[.di.}....../.b`.h5...,...4..vr5....$r...2.....!.W..a...e......s[w7J..........Q`M ....D.........Td...O..,D..-..w(}h................J.6N..........d8Z.E.`...2.....7.... ..3.G.9.....;$....]......9......J...q..a......E....;.0.k.........:n$......=..Qb..[....6..b..4..+|.)@;.........8....u.r.....oTpD......!j.P...`.T..P.h...,..;..A...V.w/!...W...e,..M..H0|im.pF.^..D.....u.Hg....B_............Lg....,*..P.V8L+ 6、122.143.5.58(hub5pn.em.sandai)向电视数据 传输 Sport:irdmidport:LiebDevMgmt-C ;........0058A0000211014X.... ;...............0015C5F06A5A0000:.9U@. (数据乱码) 7、em.sandai:80/(123.129.242.168)传输数据给电 视，电视接收数据，回应了数据传输成功 POSTem.sandai:80/HTTP/1.1 Content-Length:124 Content-Type:application/octet-stream Connection:Close 6.......p....d...$..8.....g.4$%Hs5..RC.eo.I......9.....g)A...<.g.j...5B........ZLr....-KH.. A;....L~......C....f...._.[..... HTTP/1.1200OK Content-Length:2092 Content-Type:application/octet-stream Connection:Close 6...........z...[...+...l...7"...BZxL*T.$.......G............Z8...3. ....e.,.M..."b|..V...R..p)9I(.a........E.M....{.e....,.......y..p.$........t...........BGi..`.3..&6.l..u.qe..+.Cd.... ...|Z.J.v....@9mK..w.......v.x...|....+!,5.a.p.....4*.r.U..].:O|.............T.*.$.....`..o.4..u~.*.....q|.k..)/..T...5......l..v..J4..F.....<...}lc.=8..Yj....C..%.zn..t&39;...L......N......."&39;.[...6h..{...;....L.....6..V.K.I..Y....P......o..OW.x.i+!d...2.2...3.LCR.YG.V.Yi<`...Fg..k...F&39;..k.......$..U...rw.%.........L.....@A&c6......N......J|..Wk..r..*.~._......FM@.j.BQ.kX......0.Z.T..}.0....).{.k.J..9.&N......:W./...&.z....W..H..wc....G.(.2.0.I..+...k...FC&C..w....8..N..Zt.~[.A..........S.")`.FD....;...`d.....7Ef.....y.R..S..NS.c....[J..OC..._h.T!..`....~.i........sj.Go.H......6...`e<.&39;.e.fk Yj.b....E2<M].%`e^E..S......j...G..l...0.L.xV..V.....%&39;...../..p...Q...h.....+`......x..xDA......zt.N&...SFE..,&..b...:M......!...a.4mh..P.9..]...5.A~m..n..*..Tr.. .F&39;R.....S..0..D@...`....+...&39;.%.Z..R..w4....G........E...... ..H$8.b..l..W.:...F...J..8L~...Z......m..o.t8O..<N.......*.&.Z..ft..... ..^i_.u....:.....@V.*.b"r.@....]&......1.X.....H/....W.p.%U.....A%.RVn"..j-]h...e..,.)).2.........(...........X...=/.)..e.K@,.s1..82....|( a.7J...... G...r.....K.T2G.x.dazI..u=8...V*.L..v...m.....1.8.........=......h....."..e.T.....mF/n0..}..)O...p..`.,,..P...../.....x.W.y....).$.e.......-.}..Z.os.=Q_)..2&39;.......Iyl.........+..,.$.....o.......QC.b......B......2.^.4_.M....q6%.u9j..)...,I+.r.b.@... .A.6C........k...V5S.Y..2....[&../....D.....U.X+..5T|29.N Xw...%..4..c.y...F;.......^...O..-t..R.u$.r..&U..^.:....xQ......t.n`+.6...o"b..B.U.*d....."T..:.T`_.."*)x..[.di.}....../.b`.h5...,...4..vr5 ....$r...2.....!.W..a...e......s[w7J..........Q`M....D.........Td...O..,D..-..w(}h................J.6N..........d8Z.E.`...2.....7.... ..3.G.9.....;$....]......9......J...q..a......E....;.0.k.........:n$......=..Qb..[....6..b..4..+|.)@;.........8....u.r.....oTpD......!j.P...`.T..P.h...,..;..A...V.w/!...W...e,..M..H0|im.pF.^..D.....u.Hg....B_............Lg....,*..P.V8L+ 8、电视向DNS请求域名为license.em.xunlei的IP (60.217.235.190)数据传输 .................0058A0000211014X.... ...partner_id....20000014....product_flag....8192....license*...100809000100305010000039nfhr8c0f620s08ekac....ip....192.168.100.111....os....eCos-2 ........L................report_interval....3600....expire_time....31536000....rule....0 9、电视向DNS请求域名为hub5u.em.sandai的IP地 址，传输数据 .............hub5sr.em.sandai..................hub5pn.em.sandai..................hub5sr.em.sandai...... ............hub5sr...2...........hub4t...G..........{....G..........{....G..........{....G..........{....G..........{.............. .ns4.xunlei...............ns1...............ns2...............ns3......... .....hub5pn.em.sandai..................hub5pn...2..........z..:.2..........z..;.2..........z..<.2..........:.9X.2..........:.9..2..........=..Y.2..........w.. .2..........w....2..........z..9.........~. .ns3.xunlei...........~...ns4...........~...n s1...........~...ns2.. .............license.em.xunlei..... .............license.em.xunlei.................<................ns3.xunlei..............ns4.G.............ns1.G.............ns2.G .............hub5u.em.sandai..... .............hub5u.em.sandai..................hub5u...1..........chub5u...E..........:............}. .ns2.xunlei...........}...ns3.p.........}...ns4.p.........}...ns1.p ;........0058A0000211014X..do....8...../......................................(.......... 10、电视再次向cedock/service.asmx/IPTV2 (124.40.120.20)的http端口发送一个post请求数据， cedock/service.asmx/IPTV2回应，数据传输成功 POST/service.asmx/IPTV2HTTP/1.1 Host:main.cedock Aept:*/* User-Agent:Mozilla/4.0(patible;MSIE5.0;Windows98) Pragma:no-cache Cache-Control:no-cache Content-Length:526 Content-Type:application/x-www-form-urlencoded Connection:close xmlString=%3C%3Fxml+version%3D%221.0%22+encoding%3D%22utf-8%22%3F%3E%3Crequest+website%3D%22http%3A//main.cedock%22%3E%3Cparameter+type%3D%22Login%22+language%3D%22zh-CN%22%3E%3Cclient+type%3D%22MS58A%22+id%3D%22E019309481C9C04F38517EA44BD67 C5EAB761890%22+keytoken%3D%227A35F6578B621EFEC4982DB829BD15824421F25C%22+keytype%3D%220%22+ver%3D%22V8-0MS5802-LF1V045%22/%3E%3Cuser+type%3D%22Normal%22+id%3D%221714829%22+keytoken%3D%22E63D4D648DB3A5826AB54E96A52F679F7480C69C%22+keytype%3D%220%22/%3E%3C/parameter%3E%3C/request%3E HTTP/1.1200OK Server:nginx/1.0.11 Date:Fri,24Feb201202:08:02GMT Content-Type:text/xml;charset=utf-8 Connection:close X-Powered-By:ASP.NET X-AspNet-Version:2.0.50727 Cache-Control:private,max-age=0 Content-Length:559 <xmlversion="1.0"encoding="utf-8" <responsewebsite="cedock/service.asmx/IPTV2" <errortype="false"note=""servertime="2012-02-2410:07:59"/ <clienttype="ms58a"activatekey="rvCSY0zxbx sN3VhfBFiPr4PD6wXaqWpL"/ <serverlanguage="zh-" <channeltype="update"url="cedock/update/no_update.xml"lasttime="2009-4-2710:20:25"/ </server <serverlanguage="en" <channeltype="update"url="cedock/update/no_update.xml"lasttime="2009-4-2710:20:25"/ </server </response 11、电视向DNS请求域名为service.cedock的IP， 回应IP(124.40.120.12)，电视向 cedock/weather/Getweather.action的http端口发送一 个post请求，回应数据传输成功，而且从数据中可以读 取到近三天的气温 POST/weather/Getweather.actionHTTP/1.1 Host:service.cedock Aept:*/* User-Agent:Mozilla/4.0(patible;MSIE5.0;Window s98) Pragma:no-cache Cache-Control:no-cache Content-Length:561 Content-Type:application/x-www-form-urlencoded Connection:close xmlString=%3C%3Fxml+version%3D%221.0%22+encoding%3D%22utf-8%22%3F%3E%3Crequest+website%3D%22http%3A//service.cedock%22%3E%3Cparameter+type%3D%22Getweather%22+language%3D%22zh-CN%22%3E%3Cclient+type%3D%22MS58A%22+id%3D%22E019309481C9C04F38517EA44BD67C5EAB761890%22+keytoken%3D%221C916EA34211 AA18C38C6E64DADE94761F40CE5A%22+keytype%3D%220%22/%3E%3Cuser+type%3D%22Normal%22+id%3D%221714829%22+keytoken%3D%22238B6C93C465E7254DCBECBC4DB6811E98116320%22+keytype%3D%220%22/%3E%3Ccity+name%3D%22%E5%8C%97%E4%BA%AC%22+id%3D%22010%22/%3E%3C/parameter%3E%3C/request%3E HTTP/1.1200OK Server:Apache-Coyote/1.1 Set-Cookie:JSESSIONID=7E264D6BF1E21B40F2142726B1302619;Path=/weather Content-Type:text/xml;charset=utf-8 Content-Length:559 Date:Fri,24Feb201202:08:03GMT Connection:close <xmlversion="1.0"encoding="UTF-8" <responsewebsite="cedock"<errorservertime="2012-02-2410:08:03.463"type="false"/<cityid="010"name="......"<weathermin="-2"max="5"date="2012-02-24"daynum="5"type="0302"moisture="48%"current="-1"/<weathermin="-4"max="6"date="2012-02-25"daynum="6"type="01"moisture=""current=""/<weathermin="-3"max="6"date="2012-02-26"daynum= "7"type="01"moisture=""current=""/<weathermin="-2"max="7"date="2012-02-27"daynum="1"type="0102"moisture=""current=""/</city</response 上面分享,谢绝转载 ,个人制作,不作考究!