Qihoo360 / mysql-sniffer

mysql-sniffer is a network traffic analyzer tool for MySQL, developed by the Qihoo DBA and infrastructure team
MIT License
852 stars 295 forks

mysql-sniffer -i eth0 -p 3306 cannot capture any data #3

Closed Cherishope closed 6 years ago

Cherishope commented 7 years ago

mysql-sniffer -i eth0 -p 3306 -e stderr shows the following:

FILE: /root/mysql-sniffer/src/session.cpp LINE: 109 in add_mysql_resume_session:"adding resume session: -1542805312:46464 -> -284514112:3306"
FILE: /root/mysql-sniffer/src/mysql-dissector.c LINE: 484 in handle_resume_state:"handle resume state: current state: SESSION_STATE_RESUME_START msg_type: client "
FILE: /root/mysql-sniffer/src/mysql-dissector.c LINE: 538 in mysql_dissector:"handle canceled due to resume state"
FILE: /root/mysql-sniffer/src/mysql-dissector.c LINE: 484 in handle_resume_state:"handle resume state: current state: SESSION_STATE_RESUME_WAIT_SERVER msg_type: server "
FILE: /root/mysql-sniffer/src/mysql-dissector.c LINE: 538 in mysql_dissector:"handle canceled due to resume state"

nathan6 commented 7 years ago

The -e option is followed by the file name of the error log; try specifying a different log path and file.

vectorzjl commented 7 years ago

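The packets that establish the database connection have to be captured before the data that follows can be parsed, so you need to start the capture tool first and then reconnect to the database server; after that you can capture packets.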

wp741 commented 7 years ago

Nothing happens at all?

ghost commented 6 years ago

Scanning dependencies of target mysql-sniffer
[ 14%] Building C object bin/CMakeFiles/mysql-sniffer.dir/main.c.o
/Users/alchuan/Hacker/DBSqlinjection_Scan/mysql-sniffer/src/main.c:67:64: warning: declaration of 'struct iphdr' will not be visible outside of this function [-Wvisibility]
void tcp_resume_is_client(struct tcphdr packet_tcphdr, struct iphdr packet_iphdr, int* is_client){
^
/Users/alchuan/Hacker/DBSqlinjection_Scan/mysql-sniffer/src/main.c:80:37: error: no member named 'dest' in 'struct tcphdr'
int port = ntohs(packet_tcphdr->dest);
/usr/include/sys/_endian.h:132:39: note: expanded from macro 'ntohs'
#define ntohs(x)        __DARWIN_OSSwapInt16(x)
                                             ^
/usr/include/libkern/_OSByteOrder.h:72:40: note: expanded from macro '__DARWIN_OSSwapInt16'
    ((__uint16_t)(__builtin_constant_p(x) ? __DARWIN_OSSwapConstInt16(x) : _OSSwapInt16(x)))
                                       ^
/Users/alchuan/Hacker/DBSqlinjection_Scan/mysql-sniffer/src/main.c:80:37: error: no member named 'dest' in 'struct tcphdr'

I get this error on Mac OS X; could you tell me whether it can be fixed?

nathan6 commented 6 years ago

@alchu4n Currently only CentOS is supported.
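
The macOS build error above comes from Linux-specific header names: `struct iphdr` and the `dest` member of `struct tcphdr` are the Linux spellings, while the macOS headers provide `struct ip` and `th_dport`. The following is an added example, not code from this thread or from mysql-sniffer: one way to read the ports and decide the packet direction from the raw header bytes without either struct. `classify_packet`, `enum direction` and the sample packet are names and data constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Result of classifying one captured IPv4 packet (hypothetical names). */
enum direction { DIR_ERROR = -1, DIR_OTHER = 0, DIR_TO_SERVER = 1, DIR_FROM_SERVER = 2 };

/* Read a 16-bit network-order field byte by byte, with no struct cast. */
static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/*
 * Classify an IPv4/TCP packet relative to server_port using fixed header
 * offsets, so it compiles the same on Linux and macOS.
 * pkt points at the IPv4 header; len is the number of captured bytes.
 */
enum direction classify_packet(const uint8_t *pkt, size_t len, uint16_t server_port,
                               uint16_t *sport, uint16_t *dport)
{
    if (pkt == NULL || len < 20 || (pkt[0] >> 4) != 4)
        return DIR_ERROR;                      /* too short, or not IPv4 */
    size_t ihl = (size_t)(pkt[0] & 0x0f) * 4;  /* IPv4 header length in bytes */
    if (ihl < 20 || pkt[9] != 6)               /* bad IHL, or protocol is not TCP */
        return DIR_ERROR;
    if (len < ihl + 20)                        /* truncated TCP header */
        return DIR_ERROR;
    const uint8_t *tcp = pkt + ihl;
    *sport = be16(tcp);                        /* TCP source port, offset 0 */
    *dport = be16(tcp + 2);                    /* TCP destination port, offset 2 */
    if (*dport == server_port) return DIR_TO_SERVER;
    if (*sport == server_port) return DIR_FROM_SERVER;
    return DIR_OTHER;
}

/* Constructed sample: 20-byte IPv4 header + 20-byte TCP header, 46464 -> 3306. */
static const uint8_t SAMPLE_CLIENT_PKT[40] = {
    0x45, 0, 0, 40, 0, 0, 0x40, 0, 64, 6, 0, 0, 10, 0, 0, 1, 10, 0, 0, 2,
    0xb5, 0x80, 0x0c, 0xea, 0, 0, 0, 1, 0, 0, 0, 0, 0x50, 0x18, 0xff, 0xff, 0, 0, 0, 0
};

int main(void)
{
    uint16_t sp = 0, dp = 0;
    enum direction d = classify_packet(SAMPLE_CLIENT_PKT, sizeof SAMPLE_CLIENT_PKT,
                                       3306, &sp, &dp);
    printf("%u -> %u direction=%d\n", sp, dp, d);
    return 0;
}
```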