I have a lot of these api-calls, but i want to know the whole url
https://api.netatmo.com/api/setthermpoint
https://api.netatmo.com/api/getthermostatsdata
https://api.netatmo.com/api/gethomedata
https://api.netatmo.com/api/geteventsuntil
...
I have a lot of these api-calls, but i want to know the whole url
https://api.netatmo.com/api/setthermpoint
https://api.netatmo.com/api/getthermostatsdata
https://api.netatmo.com/api/gethomedata
https://api.netatmo.com/api/geteventsuntil
...
Unfortunately, this is technically impossible. Your clients do only query the host name and never tell the DNS server the full URL.
You can see this also as a security feature - why should you tell e.g. your ISP's or Google's DNS servers the full path of what you are visiting?
Thanks for your response.
If you want to catch just a few URLs, use Wireshark (and if you don't want to patch the topology a ARP-spoofer) with the filter "http" to catch http requests which contains the requested URL.
When I have the time I will try to figure out how wireshark works.
Just make sure, that the traffic goes over your pc. When you want to sniff you smartphone open a hotspot or use a hub instead of a switch.
I want to sniff a raspberry pi connected to Ethernet.
And i’m Using a mac with wireshark, Can u explane me how to do that?
What do you want to sniff? Just the traffic between your mac and the PI was better/easier to realize than sniffing the whole traffic?
If you want to sniff the whole traffic you need to be the man in the middle (you need to be a switch or catching traffing fron a switch, router ecetera). The FritzBox offers to sniff at their ports for example.
If you try to be the man in the middle via ARP-spoofing, you need to deactivate the security software of your pc's because they would really fuck up
Just the traffic between your PI and your mac: Open Wireshark and start sniffing at your network interface card. Set as filter "ip.addr==ADRESS-OF-YOUR-PI" and confirm with enter.
Ok so if the PI calls api.netatmo.com, the request passes your router. Maybe your router offers a function to sniff. Otherwise you need to use Cain & Abel for example to tell the PI "Hey i am the router" and the router "Hey i am the PI" so that the traffic is routed over your mac.
Maybe look here:
At 01:50 must be your router on the left side, your PI on the right side, then activate the nuker (radioactive-symbol)
At 02:13 traffic is full-routed. then you can start Wireshark with sniffing.
You just need to go until 02:15. After that it is just focussed on sniffing passwords.
@DL6ER is correct here, but if you're curious, /var/log/lighttpd/access.log
can show the URL but only for blocked domains.