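Capturing SNI with Wireshark
Capturing plain HTTP traffic is relatively simple: tcpdump can do it, and so can httpry (which is based on tcpdump).
This note shows how to capture the domain names requested over HTTPS.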
tshark -p -Tfields -e ssl.handshake.extensions_server_name -Y 'ssl.handshake.extension.type == "server_name"'
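This requires tshark to be installed, that is:
yum install wireshark
The field names above use the ssl. prefix; Wireshark 3.0 and later renamed these fields to use the tls. prefix.
To print the HTTP Host header alongside the SNI while capturing on interface br0: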
tshark -p -Tfields -e ssl.handshake.extensions_server_name -e http.host -Y 'ssl.handshake.extension.type == "server_name" or http.host' -i br0