抓包
在抓到的数据包里面,看到一个http get请求,右键选中,然后follow stream
wireshark自动进行数据包过滤tcp.stream eq 1340,并且可以看到完整的数据通讯
GET /Hero/zhCN/client/alert?build=zhCN&targetRegion=0&homeCountry= HTTP/1.1
User-Agent: Blizzard Web Client
Host: nydus.battle.net
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Sat, 25 Nov 2017 03:15:30 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=3600
Location: http://INVALID.launcher.battle.net/service/Hero/alert/zh-cn
Content-Length: 243
Content-Type: text/html; charset=iso-8859-1
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://INVALID.launcher.battle.net/service/Hero/alert/zh-cn">here</a>.</p>
</body></html>
在TLSv1.2的数据流中看到
crl4.digicert.com
DigiCert is the go-to provider of identity, authentication, and encryption solutions for the web and IoT devices.
We help enterprises of every size deploy PKI security that aligns with industry standards and best practices.
Our SSL tools and enterprise-grade platform simplify management, automate certificate tasks, and give organizations the power to customize workflows to best fit their needs.
可以用如下语法过滤和指定ip的ssl
ssl and ip.dst== 24.105.29.76
然后选择一个clien thello,follow tcp stream
正在等待游戏模式下载完成
1.win10系统中,搜索allow an app through windows firewall
2.然后选择里面的allow another app
3.浏览这个路径C:Program Files (x86)Heroes of the StormVersions某一个版本HeroesOfTheStorm_x64.exe,然后add
