CN111224832B - Method, control equipment, proxy server and system for capturing network data - Google Patents

Method, control equipment, proxy server and system for capturing network data Download PDF

Info

Publication number
CN111224832B
CN111224832B CN201811418451.1A CN201811418451A CN111224832B CN 111224832 B CN111224832 B CN 111224832B CN 201811418451 A CN201811418451 A CN 201811418451A CN 111224832 B CN111224832 B CN 111224832B
Authority
CN
China
Prior art keywords
target terminal
network data
proxy server
terminal device
network
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201811418451.1A
Other languages
Chinese (zh)
Other versions
CN111224832A (en
Inventor
洪福人
张�荣
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Alibaba Group Holding Ltd
Original Assignee
Alibaba Group Holding Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Alibaba Group Holding Ltd filed Critical Alibaba Group Holding Ltd
Priority to CN201811418451.1A priority Critical patent/CN111224832B/en
Publication of CN111224832A publication Critical patent/CN111224832A/en
Application granted granted Critical
Publication of CN111224832B publication Critical patent/CN111224832B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/12Network monitoring probes
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02PCLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
    • Y02P90/00Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
    • Y02P90/02Total factory control, e.g. smart factories, flexible manufacturing systems [FMS] or integrated manufacturing systems [IMS]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a method, control equipment, proxy server and system for capturing network data, wherein the method comprises the following steps: transmitting, by the control device, a connection instruction to the target terminal device in response to an operation of capturing network data of the target terminal device, wherein the connection instruction is set to connect the target terminal device to the network router through the proxy server; after the connection instruction is sent, sending a packet grabbing instruction aiming at the target terminal equipment to a proxy server; responding to the packet capturing instruction by the proxy server, starting a packet capturing tool to capture network data transmitted by the target terminal equipment through the proxy server; and the control equipment acquires the network data grabbed by the proxy server according to the packet grabbing instruction.

Description

Method, control equipment, proxy server and system for capturing network data
Technical Field
The present invention relates to the field of internet technologies, and in particular, to a method, a control device, a proxy server, and a system for capturing network data.
Background
The packet capture (packet capture) is to intercept, retransmit, edit, and restore the data packets sent and received by the network transmission, and is also used to check the network security. Packet grabbing is also often used for data interception and the like. The aim is to use it to analyze the content of network packets.
To implement network data packet-grabbing for an Application (APP), it is necessary to monitor the network nodes between the application and server interactions. Any network node (network card) is monitored, all data passing through the network card are obtained, and the data are analyzed according to a network protocol, which is the basic principle of packet grabbing. However, the intermediate network node basically cannot grasp packets, so that the packet can only be grasped at the client and the server.
In the prior art, terminal equipment can be connected with a router through a network card of the terminal equipment, so that the transmission of network data is realized. And capturing the packet at the client, namely capturing the packet of the network data transmitted by the terminal equipment provided with the corresponding application program. However, when the terminal device accesses the internet through the connection network router abroad, due to the problem of the foreign network, a matched packet capturing tool needs to be installed on the terminal device, a certificate is configured, and the like, so that the time and the labor are consumed, and the user experience is affected.
Disclosure of Invention
An object of the present invention is to provide a new solution for capturing network data.
According to a first aspect of the present invention, there is provided a method of capturing network data, the method being implemented by a control device, the method comprising:
Transmitting a connection instruction to a target terminal device in response to an operation of capturing network data of the target terminal device, wherein the connection instruction is set to connect the target terminal device to a network router through a proxy server;
after the connection instruction is sent, sending a packet grabbing instruction aiming at the target terminal equipment to the proxy server;
and acquiring network data grabbed by the proxy server according to the packet grabbing instruction.
Optionally, the method further comprises:
receiving a connection result returned by the target terminal according to the connection instruction;
and executing the step of sending a packet grabbing instruction aiming at the target terminal equipment to the proxy server according to the connection result.
Optionally, the step of sending a connection instruction to the target terminal device in response to the operation of capturing the network data of the target terminal device includes:
and responding to the operation of grabbing the network data of the target terminal equipment, and sending the connection instruction to the target terminal equipment through the transfer equipment connected with the target terminal equipment.
Optionally, the step of obtaining the network data grabbed by the proxy server according to the packet grabbing instruction further includes:
Receiving a network address sent by the proxy server according to the packet capturing instruction, wherein the network address stores the network data;
and acquiring the network data according to the network address.
Optionally, the method further comprises:
the network data is displayed in response to an operation to display the network data.
According to a second aspect of the present invention, there is provided a method of crawling network data, the method being implemented by a proxy server, the method comprising:
transmitting network data between the target terminal device and the network router;
and responding to a packet capturing instruction sent by the control equipment aiming at the target terminal equipment, starting a packet capturing tool to capture network data transmitted by the target terminal equipment through the proxy server for the control equipment to acquire.
Optionally, the method further comprises:
storing the network data into a corresponding network address;
and sending the network address to the control equipment so that the control equipment can acquire the network data according to the network address.
Optionally, the packet capturing instruction includes a preset port number of the target terminal device; the method further comprises the steps of:
Responding to the packet grabbing instruction, and distributing a port corresponding to the port number to the target terminal equipment so as to transmit network data of the target terminal equipment through the port;
the step of responding to the packet capturing instruction sent by the control device and aiming at the target terminal device, starting the packet capturing tool to capture the network data transmitted by the target terminal device through the proxy server for the control device to acquire comprises the following steps:
and responding to the packet grabbing instruction, starting a packet grabbing tool to grab the network data transmitted through the port for the control equipment to acquire.
According to a third aspect of the present invention there is provided a control device comprising a first processor and a first memory for storing executable first instructions for controlling the first processor to perform a method of crawling network data according to the first aspect of the present invention.
According to a fourth aspect of the present invention there is provided a proxy server comprising a second processor and a second memory for storing executable second instructions for controlling the second processor to perform a method of crawling network data according to the second aspect of the present invention.
According to a fifth aspect of the present invention, there is provided a system for capturing network data, comprising a target terminal device, a control device according to the third aspect of the present invention, and a proxy server according to the fourth aspect of the present invention; the target terminal device is configured to: and responding to the connection instruction sent by the control equipment, and connecting to a network router through the proxy server.
In the embodiment of the invention, the control device connects the target terminal device to the network router through the proxy server by sending a connection instruction to the target terminal device, and sends a packet grabbing instruction to the proxy server. The proxy server starts the packet grabbing tool to grab the network data of the target terminal device for the control device to acquire by responding to the packet grabbing instruction sent by the control device. When the target terminal equipment accesses the Internet through the connecting network router abroad, the network data of the target terminal equipment can be acquired through the proxy server, and the process of capturing the network data is convenient, easy to realize and capable of improving user experience.
Other features of the present invention and its advantages will become apparent from the following detailed description of exemplary embodiments of the invention, which proceeds with reference to the accompanying drawings.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description, serve to explain the principles of the invention.
FIG. 1 illustrates a block diagram of an example of a hardware configuration of a system that can be used to capture network data to implement an embodiment of the present invention;
FIG. 2 is a flow chart of a method for capturing network data according to a first embodiment of the present invention;
FIG. 3 is a flowchart showing steps for acquiring network data according to a first embodiment of the present invention;
fig. 4 is a block diagram of a control apparatus provided by a first embodiment of the present invention;
FIG. 5 is a flowchart of an example of a method of capturing network data according to a second embodiment of the present invention;
FIG. 6 is a flowchart of another example of a method of capturing network data according to a second embodiment of the present invention;
FIG. 7 is a block diagram of a proxy server provided by a second embodiment of the present invention;
FIG. 8 is a block diagram of a system for capturing network data provided by a third embodiment of the present invention;
fig. 9 is a schematic diagram of an example of a system for capturing network data according to a third embodiment of the present invention.
Detailed Description
Various exemplary embodiments of the present invention will now be described in detail with reference to the accompanying drawings. It should be noted that: the relative arrangement of the components and steps, numerical expressions and numerical values set forth in these embodiments do not limit the scope of the present invention unless it is specifically stated otherwise.
The following description of at least one exemplary embodiment is merely exemplary in nature and is in no way intended to limit the invention, its application, or uses.
Techniques, methods, and apparatus known to one of ordinary skill in the relevant art may not be discussed in detail, but are intended to be part of the specification where appropriate.
In all examples shown and discussed herein, any specific values should be construed as merely illustrative, and not a limitation. Thus, other examples of exemplary embodiments may have different values.
It should be noted that: like reference numerals and letters denote like items in the following figures, and thus once an item is defined in one figure, no further discussion thereof is necessary in subsequent figures.
< hardware configuration >
As shown in fig. 1, the system 1000 for capturing network data includes a control device 1100, a proxy server 1200, a terminal device 1300, and a network 1400.
The control device 1100 may be a laptop, desktop, tablet, or the like. As shown in fig. 1, the control device 1100 may include a processor 1110, a memory 1120, an interface device 1130, a communication device 1140, a display device 1150, an input device 1160, a speaker 1170, a microphone 1180, and so forth. The processor 1110 may be a central processing unit CPU, a microprocessor MCU, or the like. The memory 1120 includes, for example, ROM (read only memory), RAM (random access memory), nonvolatile memory such as a hard disk, and the like. The interface device 1130 includes, for example, a USB interface, a headphone interface, and the like. The communication device 1140 can perform wired or wireless communication, for example. The display device 1150 is, for example, a liquid crystal display, a touch display, or the like. The input device 1160 may include, for example, a touch screen, a keyboard, and the like. A user may input/output voice information through the speaker 1170 and the microphone 1180.
Proxy server 1200 may be, for example, a blade proxy server or the like. In one example, proxy server 1200 may be a computer. In another example, proxy server 1200 may include processor 1210, memory 1220, interface device 1230, communication device 1240, display device 1250, input device 1260, as shown in fig. 1. Although the proxy server may also include speakers, microphones, etc., these components are not relevant to the present invention and are omitted here. The processor 1210 may be, for example, a central processing unit CPU, a microprocessor MCU, or the like. The memory 1220 includes, for example, ROM (read only memory), RAM (random access memory), nonvolatile memory such as a hard disk, and the like. The interface device 1230 includes, for example, a USB interface, a serial interface, and the like. The communication device 1240 can perform wired or wireless communication, for example. The display device 1250 is, for example, a liquid crystal display. The input device 1260 may include, for example, a touch screen, a keyboard, and the like.
The terminal device 1300 may be, for example, a portable computer, a desktop computer, a tablet computer, a cell phone, etc. As shown in fig. 1, terminal device 1300 may include a processor 1310, a memory 1320, an interface device 1330, a communication device 1340, a display device 1350, an input device 1360, a speaker 1370, a microphone 1380, and so forth. The processor 1310 may be a central processing unit CPU, a microprocessor MCU, or the like. The memory 1320 includes, for example, ROM (read only memory), RAM (random access memory), nonvolatile memory such as a hard disk, and the like. The interface 1330 includes, for example, a USB interface, a headphone interface, and the like. The communication device 1340 can perform wired or wireless communication, for example. The display device 1350 is, for example, a liquid crystal display, a touch display, or the like. The input device 1360 may include, for example, a touch screen, a keyboard, and the like. A user may input/output voice information through the speaker 1370 and the microphone 1380.
The communication network 1400 may be a wireless network or a wired network, and may be a local area network or a wide area network. In the system 1000 of capturing network data shown in fig. 1, the control device 1100 and the proxy server 1200 can communicate through the communication network 1400.
The system 1000 of capturing network data shown in fig. 1 is merely illustrative and is in no way intended to limit the invention, its application or uses.
In an embodiment of the present invention, the memory 1120 of the control device 1100 is configured to store instructions for controlling the processor 1110 to operate to perform any one of the methods for capturing network data provided by the embodiment of the present invention. The memory 1220 of the proxy server 1200 is configured to store instructions for controlling the processor 1210 to operate to perform any of the methods for proxy server crawling network data provided by the embodiments of the present invention.
It will be appreciated by those skilled in the art that although a plurality of means are shown in fig. 1 for the proxy server 1200, the control apparatus 1100 and the terminal apparatus 1300, the present invention may relate to only some of the means, for example, the control apparatus 1100 may relate to only the processor 1110 and the memory 1120, or the proxy server 1200 may relate to only the processor 1210 and the memory 1220, or the terminal apparatus 1300 may relate to only the processor 1310 and the memory 1320, etc. The skilled person can design instructions according to the disclosed solution. How the instructions control the processor to operate is well known in the art and will not be described in detail here.
The general idea of the embodiment of the invention is to provide a new technical scheme for capturing network data, wherein a control device sends a connection instruction to a target terminal device, connects the target terminal device to a network router through a proxy server, and sends a packet capturing instruction to the proxy server. The proxy server starts the packet grabbing tool to grab the network data of the target terminal device for the control device to acquire by responding to the packet grabbing instruction sent by the control device. When the target terminal equipment accesses the Internet through the connecting network router abroad, the network data of the target terminal equipment can be acquired through the proxy server, and the process of capturing the network data is convenient, easy to realize and capable of improving user experience.
< first embodiment >
< method >
In this embodiment, a method for controlling a device to grab network data is provided.
The control device may be any electronic device having a processor and a memory, for example, an electronic product such as a portable computer, a desktop computer, a mobile phone, a tablet computer, or the like. In one example, the proxy server may be the control device 1100 shown in fig. 1.
Fig. 2 is a flowchart of a method for controlling a device to capture network data according to a first embodiment of the present invention.
According to fig. 2, the method of capturing network data includes the following steps S2100 to S2300.
In step S2100, in response to an operation of capturing network data of the target terminal device, a connection instruction is transmitted to the target terminal device.
The operation of grabbing the network data of the target terminal device may be triggered by the user.
For example, at least one button for triggering the capture of the network data of the terminal device may be displayed on the interface of the control device. If the user clicks one of the buttons, the operation of capturing the network data of the terminal device corresponding to the button may be triggered, and then the terminal device corresponding to the clicked button may be the target terminal device described in this embodiment. And the operation of clicking one of the buttons by the user can be the operation of grabbing the network data of the target terminal device.
For another example, at least one terminal device may be displayed on the interface of the control device, and the terminal device selected by the user may be the target terminal device described in this embodiment. After selecting the target terminal device, the user may trigger an operation of grabbing network data on the interface, and then the operation is actually an operation of grabbing network data of the target terminal device.
The control device transmits a connection instruction to the target terminal device in response to an operation of capturing network data of the target terminal device, the connection instruction being set to connect the target terminal device to the network router through the proxy server.
A proxy server is a point system or other type of network terminal that provides proxy services. A proxy is a special network service that allows one network terminal (which may be the target terminal device in this embodiment) to make an indirect connection with another network terminal (which may be a network router in this embodiment) through this service.
A network router is a device that connects local area networks and wide area networks in the internet. When the network router is connected to the internet, the target terminal device connected to the network router may also be connected to the internet, so as to realize transmission of network data, including uploading and downloading of the network data.
The network router in this embodiment may be a local router, which is used to connect to the network transmission medium. The network router has the functions of judging network address and selecting IP path, and can establish flexible connection in multiple network interconnection environment and connect various sub-networks with different data packet and medium access methods.
In the case where the target terminal device is connected to the network router through the proxy server, the transmission of the network data may be realized between the target terminal device and the network router through the proxy server.
In one example, in the system for capturing network data, the plurality of terminal devices displayed on the interface of the control device may be connected to the corresponding relay device in a wired manner through a data line or the like. The relay devices to which the plurality of terminal devices are connected may be different. Accordingly, the control device may send the connection instruction through the relay device connected to the target terminal device in response to the operation of grasping the network data of the target terminal device. The relay device may be, for example, a desktop computer, a portable computer, a tablet computer, or the like. The transfer device and the terminal device may be connected through a USB data line.
Specifically, the UI layer of the control device may receive an operation of capturing network data of the target terminal device, and the UI layer sends a connection instruction to the WEB layer of the control device in a websocket manner. After receiving the connection instruction, the WEB layer acquires the connection instruction in the websocket and pushes the connection instruction to the message queue according to a protocol pre-agreed with the transfer equipment. The transfer device may subscribe to the connection instruction in the message queue in advance, and after receiving the connection instruction, may send the connection instruction to the target terminal device through the connected data line.
Further, the target terminal device may be a port that the pre-installed application program will start for the connected relay device to call. Then, the transfer device may call an interface of the application program pre-installed on the target terminal device after receiving the connection instruction, and send the connection instruction to the target terminal device. After receiving the connection instruction, the application program in the target terminal device can call the API function to perform network switching and proxy setting so as to realize that the target terminal device is connected to the network router through the proxy server.
The API (Application Programming Interface ) is a number of predefined functions that are designed to provide the application with the ability to open any set of routines that can be accessed based on certain software or hardware. The operating system not only coordinates the execution of the application program, memory allocation and system resource management, but also is a large service center, and calls various services (each service is a function) of the service center, so that the application program can be helped to achieve the purposes of opening windows, drawing graphs and using peripheral equipment.
The connection instruction may include a preset IP address of the proxy server and a port number of the target terminal device. Then, the target terminal device may be the steps of performing network handover and proxy setting specifically: the IP address of the router is changed into the IP address contained in the connection instruction, the port number of the router is changed into the port number contained in the connection instruction, and the router is connected to the network router. The connection of the target terminal device to the network router via the proxy server may be achieved.
Further, it may be that a port number corresponding to each terminal device is preset in the control device, and each terminal device has a unique port number.
After step S2100 is performed, step S2200 is performed.
Step S2200, sending a packet grabbing instruction for the target terminal device to the proxy server.
In one example, the target terminal device may send the connection result to the control device after performing the operation of connecting itself to the network router through the proxy server. The connection result may be specifically sent to the control device by the connected relay device. Then, the method may further comprise:
receiving a connection result returned by the target terminal equipment according to the connection instruction; according to the connection result, the step S2200 is performed.
Specifically, step S2200 may be executed if the connection result of the target terminal device to the network router through the proxy server is successful, and the method of capturing network data according to the embodiment may be executed to end if the connection result of the target terminal device to the network router through the proxy server is failed.
The packet grasping tool is an application program pre-installed in the proxy server and used for intercepting and viewing network data packet content. The bale plucking tool may include Fiddler, wireshark, mitmproxy, or Anyproxy, for example.
Fiddler is a web page debugging tool that is capable of listening to the HTTP protocol, including HTTPS. The powerful function of the device is to allow setting of breakpoints and modification of output data, and the device is friendly in user interface, simple to use, convenient to view and capable of analyzing various data formats. Fiddler has the additional benefit that by setting up agents, information for other programs can be filtered. Fiddler is written on the basis of Microsoft's net platform, so only windows systems are currently supported.
Wireshark is the most popular packet grabbing tool at present, and supports up to 850 protocols, from the most basic IP protocol and DHCP protocol to advanced special protocols, such as AppleTalk and BitTorrent, and the like, and is the most protocol-supported packet grabbing tool at present. Since Wireshark is open source software, each update adds some new protocol support. Meanwhile, the Android platform is cross-platform software, and network protocol packet capture work can be performed on a plurality of platforms such as unix series, linux, mac os and windows, but Android is not supported yet.
Mitmproxy is an open source framework for Python-based broker. At the same time, mitmproxy has two interrelated components MitmDump and MitmWeb. MitmDump is a command line interface to Mitmproxy that can be used to interface with Python scripts, with Python implementing post-snoop processing. The MitmWeb is a Web program by which MitmProxy-captured requests can be clearly observed.
Anyproxy is a man-in-the-middle agent framework developed based on nodejs, supports HTTP/HTPS analysis, and provides a WEB interface. The data format grabbed by the Anyproxy is json format, so that the analysis is easy.
In one example, for example, a packet grabbing tool mitmprox may be used to grab network data of the target terminal device.
After receiving the packet capturing instruction for the target terminal device sent by the control device, the proxy server can start the packet capturing tool to capture the network data transmitted by the target terminal device through the proxy server.
In one example, the packet-grabbing instruction may include a port number of the target terminal device. Then, after the proxy server receives the packet grabbing instruction, the port corresponding to the port number may be allocated to the target terminal device. Then, the destination terminal device may transmit the network data through the port corresponding to the port number. Therefore, in the case that a plurality of terminal devices are connected to the network router through the proxy server, the proxy server may start the packet grasping tool to grasp network data transmitted through a port corresponding to the port number according to the packet grasping instruction, that is, network data transmitted through the proxy server by the target terminal device.
In step S2300, the network data captured by the proxy server according to the capturing instruction is obtained.
In one example, the proxy server may send the network data grabbed to the target terminal device according to the grabbing instruction to the control device in real time. Then, the control device may be a receiving proxy server that transmits network data of the target terminal device.
In another example, the proxy server may pre-store the network data of the target terminal device in the corresponding network address in case that the network data transmitted through the proxy server to the target terminal device is grasped. Wherein the network addresses storing the network data of different terminal devices may be different. The proxy server may be to send the network address to the control device.
Then, the step S2300 may further include steps S2310 to S2320 as shown in fig. 3:
in step S2310, the receiving proxy server receives the network address sent by the packet capturing instruction, where the network address stores the network data of the target terminal device.
Step S2320, network data of the target terminal device is obtained according to the network address.
Specifically, the proxy server may pre-allocate or set a network address corresponding to the packet capturing instruction in response to the packet capturing instruction sent by the control device, and send the network address to the control device. The proxy server may store the network data captured to the target terminal device in the corresponding period into the corresponding network address according to the preset storage frequency, or store the network data captured to the target terminal device into the corresponding network address each time. The control device may acquire the network data stored in the network address in the corresponding period according to the preset acquisition frequency, or may acquire the network data stored this time each time the network data is stored in the network address.
The control device can acquire the network data of the target terminal device by accessing the network address.
Further, the method may further include:
and displaying the acquired network data in response to an operation of displaying the network data.
The operation of displaying the network data may be performed by the user after the operation of grabbing the network data of the target terminal device is performed.
The operation of displaying the network data may also be an operation of capturing the network data of the target terminal device. Then, after the user performs the operation of capturing the network data of the target terminal device, the acquired network data can be automatically displayed without performing other operations.
< control device >
In this embodiment, there is also provided a control apparatus 400, as shown in fig. 4, including a first processor 410 and a first memory 420. The first memory 420 is used for storing executable first instructions; the first instructions are for controlling the first processor 410 to perform the method of crawling network data of any one of the items provided in this embodiment.
In this embodiment, the control device may also include other apparatuses or modules, for example, the control device 1100 shown in fig. 1. The control device 400 may also take a variety of physical forms, for example, the control device may be a tablet computer, a palm top computer, a desktop computer, or the like.
Those skilled in the art will appreciate that the control device 400 may be implemented in a variety of ways. For example, the control device 400 may be implemented by an instruction configuration processor. For example, instructions may be stored in a ROM, and when the device is booted, instructions are read from the ROM into a programmable device to implement the control device 400. For example, the control device 400 may be solidified into a dedicated device (e.g., ASIC), the control device 400 may be divided into separate units, or they may be implemented in combination. The control device 400 may be implemented by one of the above-described various implementations, or may be implemented by a combination of two or more of the above-described various implementations.
The present embodiment has been described above with reference to the accompanying drawings, and according to the present embodiment, there is provided a method and a control device for capturing network data, by sending a connection instruction to a target terminal device, connecting the target terminal device to a network router through a proxy server, and sending a packet capturing instruction to the proxy server, so as to capture the network data of the target terminal device through the proxy server, and acquire the network data. When the target terminal equipment accesses the Internet through the connecting network router abroad, the network data of the target terminal equipment can be acquired through the proxy server, and the process of capturing the network data is convenient, easy to realize and capable of improving user experience.
< second embodiment >
< method >
In this embodiment, a method for controlling a device to grab network data is provided.
The control device may be any electronic device having a display, a processor, and a memory, and may be, for example, a computer, a blade server, a cloud server, a server group, or the like. In one example, the control device may be the control device 1100 shown in fig. 1.
Fig. 5 is a flowchart of a method for controlling a device to grab network data according to a second embodiment of the present invention.
According to fig. 5, the method for capturing network data includes the following steps S5100 to S5200.
In step S5100, network data between the target terminal device and the network router is transmitted.
In the case where the target terminal device is connected to the network router through the proxy server, the proxy server may transmit network data between the target terminal device and the network router.
In step S5200, in response to a packet capturing instruction sent by the control device for the target terminal device, the packet capturing tool is started to capture network data transmitted by the target terminal device through the proxy server, so as to be obtained by the control device.
The packet grasping tool is an application program pre-installed in the proxy server and used for intercepting and viewing network data packet content. The bale plucking tool may include Fiddler, wireshark, mitmproxy, or Anyproxy, for example.
Fiddler is a web page debugging tool that is capable of listening to the HTTP protocol, including HTTPS. The powerful function of the device is to allow setting of breakpoints and modification of output data, and the device is friendly in user interface, simple to use, convenient to view and capable of analyzing various data formats. Fiddler has the additional benefit that by setting up agents, information for other programs can be filtered. Fiddler is written on the basis of Microsoft's net platform, so only windows systems are currently supported.
Wireshark is the most popular packet grabbing tool at present, and supports up to 850 protocols, from the most basic IP protocol and DHCP protocol to advanced special protocols, such as AppleTalk and BitTorrent, and the like, and is the most protocol-supported packet grabbing tool at present. Since Wireshark is open source software, each update adds some new protocol support. Meanwhile, the Android platform is cross-platform software, and network protocol packet capture work can be performed on a plurality of platforms such as unix series, linux, mac os and windows, but Android is not supported yet.
Mitmproxy is an open source framework for Python-based broker. At the same time, mitmproxy has two interrelated components MitmDump and MitmWeb. MitmDump is a command line interface to Mitmproxy that can be used to interface with Python scripts, with Python implementing post-snoop processing. The MitmWeb is a Web program by which MitmProxy-captured requests can be clearly observed.
Anyproxy is a man-in-the-middle agent framework developed based on nodejs, supports HTTP/HTPS analysis, and provides a WEB interface. The data format grabbed by the Anyproxy is json format, so that the analysis is easy.
In one example, for example, a packet grabbing tool mitmprox may be used to grab network data of the target terminal device.
After receiving the packet capturing instruction for the target terminal device sent by the control device, the proxy server can start the packet capturing tool to capture the network data transmitted by the target terminal device through the proxy server.
In one example, the packet-grabbing instruction may include a port number of the target terminal device. Then, after the proxy server receives the packet grabbing instruction, the port corresponding to the port number may be allocated to the target terminal device. Then, the destination terminal device may transmit the network data through the port corresponding to the port number. Therefore, in the case that a plurality of terminal devices are connected to the network router through the proxy server, the proxy server may start the packet grasping tool to grasp network data transmitted through a port corresponding to the port number according to the packet grasping instruction, that is, network data transmitted through the proxy server by the target terminal device.
In one example, the proxy server may send the network data grabbed to the target terminal device according to the grabbing instruction to the control device in real time. Then, the control device may be a receiving proxy server that transmits network data of the target terminal device.
In another example, the proxy server may pre-store the network data of the target terminal device in the corresponding network address in case that the network data transmitted through the proxy server to the target terminal device is grasped. Wherein the network addresses storing the network data of different terminal devices may be different. The proxy server may be to send the network address to the control device.
Then, the method may further include steps S6100 to S6200 as shown in fig. 6:
in step S6100, the network data of the target terminal device is stored in the corresponding network address.
In step S6200, the network address is sent to the control device, so that the control device obtains the network data according to the network address.
Specifically, the proxy server may pre-allocate or set a network address corresponding to the packet capturing instruction in response to the packet capturing instruction sent by the control device, and send the network address to the control device. The proxy server may store the network data captured to the target terminal device in the corresponding period into the corresponding network address according to the preset storage frequency, or store the network data captured to the target terminal device into the corresponding network address each time. The control device may acquire the network data stored in the network address in the corresponding period according to the preset acquisition frequency, or may acquire the network data stored this time each time the network data is stored in the network address.
The control device can acquire the network data of the target terminal device by accessing the network address.
< proxy Server >
In this example, there is also provided a proxy server 700, as shown in fig. 7, including: a second processor 710 and a second memory 720. The second memory 720 is used for storing executable second instructions; the second instructions are configured to control the second processor 710 to perform the method of capturing network data according to any of the embodiments.
In this embodiment, proxy server 700 may also include other devices or modules, such as proxy server 1200 shown in fig. 1.
In this embodiment, the proxy server 700 is not limited to the entity implementation, and the proxy server 700 may be a computer, a blade server, a cloud server, a server group, or the like. The proxy server 700 may also implement some of the functions through an external device, for example, the proxy server 700 may be a peripheral communication server for managing communication connection between the proxy server and the control device; the proxy server 700 may be a peripheral information server for assisting the proxy server 700 in managing device information of the control device, etc.
Those skilled in the art will appreciate that proxy server 700 may be implemented in a variety of ways. For example, proxy server 700 may be implemented by an instruction configuration processor. For example, instructions may be stored in ROM and read from the ROM into a programmable device to implement proxy server 700 when the device is booted. For example, proxy server 700 may be solidified into a dedicated device (e.g., ASIC). The proxy server 700 may be divided into separate units or they may be implemented by combining them together. The proxy server 700 may be implemented by one of the above-described various implementations, or may be implemented by a combination of two or more of the above-described various implementations.
The present embodiment has been described above with reference to the accompanying drawings, and according to the present embodiment, a method for capturing network data and a proxy server are provided, where a capturing tool is started to capture network data of a target terminal device for a control device to obtain by responding to a capturing instruction sent by the control device. When the target terminal equipment accesses the Internet through the connecting network router abroad, the network data of the target terminal equipment can be acquired through the proxy server, and the process of capturing the network data is convenient, easy to realize and capable of improving user experience.
< third embodiment >
< System >
In this embodiment, a system 800 for capturing network data is provided, as shown in fig. 8, including:
the control apparatus 400 provided in the second embodiment;
the proxy server 700 provided in the second embodiment;
and a target terminal device 810 for connecting to the network router through the proxy server 700 in response to the connection instruction transmitted from the control device 400.
In this embodiment, the system 800 for capturing network data may further include other devices, for example, a relay device for controlling a communication connection between the device 400 and the target terminal device, and so on.
In one example, system 800 for capturing network data may also be system 1000 for capturing network data as shown in FIG. 1. The target terminal device 810 may be the terminal device 1300 shown in fig. 1.
The method of capturing network data implemented by the system 800 for capturing network data in this embodiment will be further described below with reference to fig. 9.
The method for capturing network data, as shown in fig. 9, includes: steps S9100 through S9600.
In step S9100, a connection instruction is transmitted to the target terminal device by the control device in response to an operation of capturing network data of the target terminal device.
In step S9200, the target terminal device connects to the network router through the proxy server in response to the connection instruction.
In step S9300, network data between the target terminal device and the network router is transmitted by the proxy server.
In step S9400, the control device transmits a packet-grabbing instruction for the target terminal device to the proxy server.
In step S9500, in response to the packet capturing instruction for the target terminal device sent by the control device, the proxy server starts the packet capturing tool to capture the network data transmitted by the target terminal device through the proxy server.
In step S9600, the control device acquires the network data grasped by the proxy server according to the grasping instruction.
The steps of the method for capturing network data performed by the control device 400 and the target terminal device 810 have been described in detail in the first embodiment, and the steps of the method for capturing network data performed by the proxy server 700 have been described in detail in the second embodiment, and are not described here again.
In this example, the control device connects the target terminal device to the network router through the proxy server by sending a connection instruction to the target terminal device, and sends a packet-grabbing instruction to the proxy server. The proxy server starts the packet grabbing tool to grab the network data of the target terminal device for the control device to acquire by responding to the packet grabbing instruction sent by the control device. When the target terminal equipment accesses the Internet through the connecting network router abroad, the network data of the target terminal equipment can be acquired through the proxy server, and the process of capturing the network data is convenient, easy to realize and capable of improving user experience.
The present invention may be a system, method, and/or computer program product. The computer program product may include a computer readable storage medium having computer readable program instructions embodied thereon for causing a processor to implement aspects of the present invention.
The computer readable storage medium may be a tangible device that can hold and store instructions for use by an instruction execution device. The computer readable storage medium may be, for example, but not limited to, an electronic storage device, a magnetic storage device, an optical storage device, an electromagnetic storage device, a semiconductor storage device, or any suitable combination of the foregoing. More specific examples (a non-exhaustive list) of the computer-readable storage medium would include the following: portable computer disks, hard disks, random Access Memory (RAM), read-only memory (ROM), erasable programmable read-only memory (EPROM or flash memory), static Random Access Memory (SRAM), portable compact disk read-only memory (CD-ROM), digital Versatile Disks (DVD), memory sticks, floppy disks, mechanical coding devices, punch cards or in-groove structures such as punch cards or grooves having instructions stored thereon, and any suitable combination of the foregoing. Computer-readable storage media, as used herein, are not to be construed as transitory signals per se, such as radio waves or other freely propagating electromagnetic waves, electromagnetic waves propagating through waveguides or other transmission media (e.g., optical pulses through fiber optic cables), or electrical signals transmitted through wires.
The computer readable program instructions described herein may be downloaded from a computer readable storage medium to a respective computing/processing device or to an external computer or external storage device over a network, such as the internet, a local area network, a wide area network, and/or a wireless network. The network may include copper transmission cables, fiber optic transmissions, wireless transmissions, routers, firewalls, switches, gateway computers and/or edge servers. The network interface card or network interface in each computing/processing device receives computer readable program instructions from the network and forwards the computer readable program instructions for storage in a computer readable storage medium in the respective computing/processing device.
Computer program instructions for carrying out operations of the present invention may be assembly instructions, instruction Set Architecture (ISA) instructions, machine-related instructions, microcode, firmware instructions, state setting data, or source or object code written in any combination of one or more programming languages, including an object oriented programming language such as Smalltalk, c++ or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The computer readable program instructions may be executed entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computer (for example, through the Internet using an Internet service provider). In some embodiments, aspects of the present invention are implemented by personalizing electronic circuitry, such as programmable logic circuitry, field Programmable Gate Arrays (FPGAs), or Programmable Logic Arrays (PLAs), with state information for computer readable program instructions, which can execute the computer readable program instructions.
Various aspects of the present invention are described herein with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the invention. It will be understood that each block of the flowchart illustrations and/or block diagrams, and combinations of blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer-readable program instructions.
These computer readable program instructions may be provided to a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions/acts specified in the flowchart and/or block diagram block or blocks. These computer readable program instructions may also be stored in a computer readable storage medium that can direct a computer, programmable data processing apparatus, and/or other devices to function in a particular manner, such that the computer readable medium having the instructions stored therein includes an article of manufacture including instructions which implement the function/act specified in the flowchart and/or block diagram block or blocks.
The computer readable program instructions may also be loaded onto a computer, other programmable data processing apparatus, or other devices to cause a series of operational steps to be performed on the computer, other programmable apparatus or other devices to produce a computer implemented process such that the instructions which execute on the computer, other programmable apparatus or other devices implement the functions/acts specified in the flowchart and/or block diagram block or blocks.
The flowcharts and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of instructions, which comprises one or more executable instructions for implementing the specified logical function(s). In some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions. It is well known to those skilled in the art that implementation by hardware, implementation by software, and implementation by a combination of software and hardware are all equivalent.
The foregoing description of embodiments of the invention has been presented for purposes of illustration and description, and is not intended to be exhaustive or limited to the embodiments disclosed. Many modifications and variations will be apparent to those of ordinary skill in the art without departing from the scope and spirit of the various embodiments described. The terminology used herein was chosen in order to best explain the principles of the embodiments, the practical application, or the technical improvements in the marketplace, or to enable others of ordinary skill in the art to understand the embodiments disclosed herein. The scope of the invention is defined by the appended claims.

Claims (10)

1. A method of capturing network data, wherein the method is implemented by a control device, the method comprising:
transmitting a connection instruction to a target terminal device in response to an operation of capturing network data of the target terminal device, wherein the connection instruction is set to connect the target terminal device to a network router through a proxy server;
after the connection instruction is sent, sending a packet grabbing instruction aiming at the target terminal equipment to the proxy server; the packet capturing instruction comprises a preset port number of the target terminal equipment;
And acquiring network data which is acquired by the proxy server and is transmitted through the port corresponding to the port number allocated to the target terminal equipment by starting the packet grabbing tool according to the packet grabbing instruction.
2. The method of claim 1, wherein the method further comprises:
receiving a connection result returned by the target terminal according to the connection instruction;
and executing the step of sending a packet grabbing instruction aiming at the target terminal equipment to the proxy server according to the connection result.
3. The method of claim 1, wherein the step of transmitting the connection instruction to the target terminal device in response to the operation of grabbing the network data of the target terminal device comprises:
and responding to the operation of grabbing the network data of the target terminal equipment, and sending the connection instruction to the target terminal equipment through the transfer equipment connected with the target terminal equipment.
4. The method of claim 1, wherein the step of obtaining network data that the proxy server grabs according to the grab instruction further comprises:
receiving a network address sent by the proxy server according to the packet capturing instruction, wherein the network address stores the network data;
And acquiring the network data according to the network address.
5. The method of claim 1, wherein the method further comprises:
the network data is displayed in response to an operation to display the network data.
6. A method of crawling network data, wherein the method is implemented by a proxy server, the method comprising:
transmitting network data between the target terminal device and the network router;
responding to a packet capturing instruction sent by a control device for the target terminal device, starting a packet capturing tool to capture network data transmitted by the target terminal device through the proxy server for the control device to acquire;
the packet capturing instruction comprises a preset port number of the target terminal equipment; the method further comprises the steps of:
responding to the packet grabbing instruction, and distributing a port corresponding to the port number to the target terminal equipment so as to transmit network data of the target terminal equipment through the port;
the step of responding to the packet capturing instruction sent by the control device and aiming at the target terminal device, starting the packet capturing tool to capture the network data transmitted by the target terminal device through the proxy server for the control device to acquire comprises the following steps:
And responding to the packet grabbing instruction, starting a packet grabbing tool to grab the network data transmitted through the port for the control equipment to acquire.
7. The method of claim 6, wherein the method further comprises:
storing the network data into a corresponding network address;
and sending the network address to the control equipment so that the control equipment can acquire the network data according to the network address.
8. A control device comprising a first processor and a first memory for storing executable first instructions for controlling the first processor to perform the method of crawling network data of any of claims 1-5.
9. A proxy server comprising a second processor and a second memory, the second memory for storing executable second instructions for controlling the second processor to perform the method of crawling network data of any of claims 6-7.
10. A system for capturing network data, comprising a target terminal device, a control device according to claim 8, and a proxy server according to claim 9; the target terminal device is configured to: and responding to the connection instruction sent by the control equipment, and connecting to a network router through the proxy server.
CN201811418451.1A 2018-11-26 2018-11-26 Method, control equipment, proxy server and system for capturing network data Active CN111224832B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811418451.1A CN111224832B (en) 2018-11-26 2018-11-26 Method, control equipment, proxy server and system for capturing network data

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811418451.1A CN111224832B (en) 2018-11-26 2018-11-26 Method, control equipment, proxy server and system for capturing network data

Publications (2)

Publication Number Publication Date
CN111224832A CN111224832A (en) 2020-06-02
CN111224832B true CN111224832B (en) 2023-06-16

Family

ID=70831994

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811418451.1A Active CN111224832B (en) 2018-11-26 2018-11-26 Method, control equipment, proxy server and system for capturing network data

Country Status (1)

Country Link
CN (1) CN111224832B (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112261660B (en) * 2020-10-16 2024-06-04 深圳安软信创技术有限公司 Android mobile phone end application proxy access security control method
CN113055225B (en) * 2021-02-08 2023-12-05 网宿科技股份有限公司 Network fault analysis data acquisition method, terminal and server
CN115002203A (en) * 2021-03-02 2022-09-02 京东科技信息技术有限公司 Data packet capturing method, device, equipment and computer readable medium
CN116155682A (en) * 2021-11-23 2023-05-23 中兴通讯股份有限公司 Data packet capturing method and device, electronic equipment and storage medium
CN116155862A (en) * 2023-02-21 2023-05-23 北京奇艺世纪科技有限公司 Data packet capturing method, device, server and storage medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104462570A (en) * 2014-12-26 2015-03-25 小米科技有限责任公司 Webpage content obtaining method and device
CN108363662A (en) * 2018-01-29 2018-08-03 深圳壹账通智能科技有限公司 A kind of applied program testing method, storage medium and terminal device
CN108536484A (en) * 2018-03-26 2018-09-14 平安普惠企业管理有限公司 Parameter amending method, device, terminal device and storage medium

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10069837B2 (en) * 2015-07-09 2018-09-04 Biocatch Ltd. Detection of proxy server
CN106572010A (en) * 2015-10-12 2017-04-19 小米科技有限责任公司 Data package grabbing method and device, and terminal
CN108063714B (en) * 2016-11-09 2021-02-12 北京国双科技有限公司 Network request processing method and device
CN108173813B (en) * 2017-12-08 2021-07-20 国网北京市电力公司 Vulnerability detection method and device

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104462570A (en) * 2014-12-26 2015-03-25 小米科技有限责任公司 Webpage content obtaining method and device
CN108363662A (en) * 2018-01-29 2018-08-03 深圳壹账通智能科技有限公司 A kind of applied program testing method, storage medium and terminal device
CN108536484A (en) * 2018-03-26 2018-09-14 平安普惠企业管理有限公司 Parameter amending method, device, terminal device and storage medium

Also Published As

Publication number Publication date
CN111224832A (en) 2020-06-02

Similar Documents

Publication Publication Date Title
CN111224832B (en) Method, control equipment, proxy server and system for capturing network data
US10992734B2 (en) Remoting application servers
US10880399B2 (en) Method and system for implementing network experience shifting using shared objects
CN104301373B (en) Via the synchronous sending out notice of file-sharing service
JP2015513815A (en) Device control method and apparatus
ES2894900T3 (en) Selection of the transport procedure for the delivery of notifications from the server
US10419968B2 (en) Dynamic selection of TCP congestion control for improved performances
CN105468513B (en) Test method, device and system based on mobile terminal
US9413560B2 (en) Differentiated quality of service using security as a service
KR20210110335A (en) Smart device network configuration method and related devices
JP2016509702A (en) File sharing method, apparatus and mobile device
US20220278935A1 (en) Systems and methods for determining a policy that allocates traffic associated with a network protocol type to a network slice
CN111314416B (en) Data synchronization method, device, system, equipment and storage medium
JP7277563B2 (en) Hybrid cloud computing network management
US20140087714A1 (en) Device control method and apparatus
EP2854027A1 (en) Method for downloading application program, user equipment and application server
JP2015228112A (en) Communication device, communication device control method, and program
CN109587197B (en) Method, device and system for associating reported data
CN108370500B (en) Optimized settings for wireless devices
WO2016061890A1 (en) Resource sharing method, terminal, system and computer storage medium
JP2023109707A (en) Video analysis system and data delivery method
WO2022143857A1 (en) Video call method and apparatus, and electronic device and storage medium
US20210281656A1 (en) Applying application-based policy rules using a programmable application cache
CN114520780A (en) Access method and device for proxy server
JP2014014061A (en) Remote connection process monitoring method and remote connection monitoring system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant