How to use the command httpry (with examples)
httpry is a lightweight packet sniffer that can be used to display and log HTTP traffic. It provides various options for capturing and filtering HTTP traffic in real-time or as a daemon process.
Use case 1: Save output to a file
Code:
httpry -o path/to/file.log
Motivation: Saving the output to a file allows for further analysis and processing of the captured HTTP traffic.
Explanation:
-o path/to/file.log
: Specifies the output file path where the captured HTTP traffic will be written.
Example output:
2021-10-01 12:00:00 GET example.com /index.html 200 OK
2021-10-01 12:00:01 POST example.com /login 302 Found
...
Use case 2: Listen on a specific interface and save output to a binary pcap format file
Code:
httpry eth0 -b path/to/file.pcap
Motivation: Saving the output in pcap format allows for comprehensive analysis of the captured HTTP traffic using tools like Wireshark.
Explanation:
eth0
: Specifies the network interface to listen on for capturing HTTP traffic.
-b path/to/file.pcap
: Specifies the output file path in binary pcap format where the captured HTTP traffic will be written.
Example output: (No output produced directly, but a pcap file will be generated for further analysis)
Use case 3: Filter output by a comma-separated list of HTTP verbs
Code:
httpry -m get,post,put,head,options,delete,trace,connect,patch
Motivation: Filtering the output based on specific HTTP verbs allows for focusing on specific types of requests or methods.
Explanation:
-m get,post,put,head,options,delete,trace,connect,patch
: Restricts the output to the HTTP verbs named in the comma-separated list. List only the verbs you want to see; separating them with | instead of commas would make the shell treat each verb as a piped command.
Example output:
2021-10-01 12:00:00 GET example.com /index.html 200 OK
2021-10-01 12:00:01 POST example.com /login 302 Found
...
Use case 4: Read from an input capture file and filter by IP
Code:
httpry -r path/to/file.log 'host 192.168.5.25'
Motivation: Reading from an input capture file allows for analyzing previously captured HTTP traffic, and filtering by IP allows for focusing on traffic from a specific IP address.
Explanation:
-r path/to/file.log
: Specifies the input capture file path to read the previously captured HTTP traffic from.
'host 192.168.5.25'
: Specifies the capture filter expression; here it limits the output to HTTP traffic involving the specified IP address.
Example output:
2021-10-01 12:00:00 GET example.com /index.html 200 OK
2021-10-01 12:00:01 POST example.com /login 302 Found
...
Use case 5: Run as daemon process
Code:
httpry -d -o path/to/file.log
Motivation: Running as a daemon process allows for capturing HTTP traffic continuously in the background and logging it to a file.
Explanation:
-d
: Runs httpry as a daemon process.
-o path/to/file.log
: Specifies the output file path where the captured HTTP traffic will be written.
Example output: (No output produced directly, but the captured HTTP traffic will be continuously logged to the specified file)
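Once a log has been saved with -o (use cases 1 and 5), it can be post-processed with standard tools. The script below is an added example, not part of the original page or of httpry; it assumes the space-separated record layout shown in the example output above, and summarize_log, cleartext_posts and sample_log are hypothetical helper names.

```shell
#!/bin/sh
# Added example, not part of httpry.
# ASSUMPTION: records are space-separated as in the page's example output:
#   date time METHOD host path status reason...
# Adjust the column numbers if your log carries other fields.

# summarize_log FILE [VERBS]
# VERBS: comma-separated, case-insensitive list (like -m); empty = all verbs.
# Prints "count METHOD host", highest count first.
summarize_log() {
    awk -v verbs="$2" '
        BEGIN {
            n = split(toupper(verbs), v, ",")
            for (i = 1; i <= n; i++) want[v[i]] = 1
        }
        /^#/ || NF < 6 { next }           # skip comments, "..." and short lines
        n > 0 && !($3 in want) { next }   # verb filter applied after capture
        { count[$3 " " $4]++ }
        END { for (k in count) print count[k], k }
    ' "$1" | sort -k1,1nr -k2
}

# cleartext_posts FILE
# Prints each distinct host+path that received a POST. Everything httpry
# logs was readable on the wire, so these are unencrypted submissions.
cleartext_posts() {
    awk 'NF >= 6 && $3 == "POST" { print $4 $5 }' "$1" | sort -u
}

# Constructed sample log (not real capture data).
sample_log() {
    cat <<'EOF'
2021-10-01 12:00:00 GET example.com /index.html 200 OK
2021-10-01 12:00:01 POST example.com /login 302 Found
2021-10-01 12:00:05 POST example.com /login 302 Found
2021-10-01 12:00:09 GET static.example.com /app.js 200 OK
...
EOF
}

log=$(mktemp)
sample_log > "$log"
summarize_log "$log" get,post   # per-verb, per-host request counts
cleartext_posts "$log"          # prints: example.com/login
rm -f "$log"
```

A POST to a login path appearing in this output is worth following up, since httpry can only log requests that were sent without TLS.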
Conclusion:
The httpry command is a useful tool for capturing and analyzing HTTP traffic. It provides flexibility in terms of capturing in real-time or as a daemon process, filtering by various criteria, and saving the output in different formats. Understanding and using the different options of httpry can greatly enhance the analysis of HTTP traffic.