Showing results for tags 'Wireshark'.


  1. So I tried using my Plunder Bug on my PC sniffing another PC and it is not showing up on Wireshark. I did try muting and unmuting the device via PowerShell and it still wouldn't show up. Attached is a screenshot of Wireshark and my capture options. Any ideas? Thanks
  2. Hello, I would like to capture the data stream to my LG OLED TV. There is a LAN cable from the router to the TV. The TV uses WebOS rather than an Android operating system. I'm not that familiar with Wireshark, but there seems to be a possibility using Wireshark in Promiscuous mode. My router is a Talon AD7200 (TP-Link) and is probably a switch, not a hub. Windows recognizes the TV in the Network section, but I can't make the identification in Wireshark.
  3. Hi, how would I adjust the timestamps in a pcap, using NTP packets (also in the same pcap)? I’ve used Wireshark, but it doesn’t save the new time offset 🤔
  4. I have noticed that some of my connections aren't secure for over a few months now. My antivirus also keeps saying there are some network vulnerabilities. (Something about DHCP and it wants me to update the router firmware.) I suspected that it has been monitored for a while now, but last night confirmed it. I was watching porn on my phone and I heard them laughing in the room next to mine. I wasn't sure if it was related and I heard one of them saying "He keeps on pausing and screenshotting it". I wanted to test to see if what I did on my phone would cause more laughter so I started looking up weird fetishes and they laughed even harder. I'm so embarrassed and I also feel very angry. Should I feel entitled to internet security when he owns the router? We all contribute to the internet bill so I would think that I'm entitled to some network privacy, but it would seem that they view it as "anything goes". I don't know what to do and I need your help. I really want to get back at them, but I don't know what to do. I thought of downloading a virus on a virtual machine so that it also downloads on their machine too (if they're downloading all my packets). If you have any questions for me, feel free to ask. I'm not very experienced in networking, but I'm willing to learn. P.S. I do have a VPN but only on my Windows PC
  5. Hi, it’s been a while since I’ve played with Wireshark... Looking for a guide on how to adjust timestamps in PCAP files using NTP packets. I know in the past when I’ve done this, I was unable to save with the new timestamps 😔 Can someone please advise?
  6. As of late I’ve been playing with packet capture on my home network. I’ve been using Wireshark to learn about different protocols etc. (I’m a slow learner 😁). Is there an application that I can run the packet captures through that has similar functionality as an IDS... post capture?
  7. Hi folks, I am using RTL-SDR to take a dump of the cell tower located in my region. Till now, I am able to take a GSM incoming call dump, which is working perfectly OK. Now, my goal is to analyze GPRS connection initiation (GPRS attach) and corresponding signaling data. I have tried the scenario by switching OFF and then ON the mobile data but I couldn't see any packets related to GPRS. Is there something I am missing?
  8. Hi, does anyone know of an open source equivalent of Norse Attack maps, to play back captured packets (pcap)? I know that I can show the location of the captured packets in Wireshark, using endpoints and GeoIP. I would like to see them animated like the Norse attack map.
  9. Hi, Is there a tool to passively map a network from a packet capture and produce documentation e.g. network map, ports open on devices etc...?
  10. Hello, I'm wondering if the following setup would be possible: 1x throwing star TAP, 1x Packet squirrel. Action: Connect both Ethernet cables for sniffing from throwing star to packet squirrel and capture network traffic for both interfaces to one pcap file. Appreciate if anyone can confirm this :)
  11. Hey all, I'm new, had the LAN turtle for about three weeks and I'm loving it. I have limited knowledge of the RF spectrum and I'm new to networks etc, but I've learnt so much by solving problems as I've gone along. However one thing I'm stuck with is setting up an SSH tunnel to the turtle remotely, in order to get a more diverse capture than I believe URLsnarf is capable of. Current setup: Windows 10 PuTTY (and/or Kali in Vbox), SSH to a DigitalOcean VPS, SSH into my turtle remotely. I've searched the forums and googled for "wireshark remote ssh capture" etc, but everything I find seems either irrelevant or goes way over my head. From what I did understand it seems like I may not be able to do it. And I figured if it was possible, wouldn't everyone be using Wireshark instead of URLSnarf (which seems basic to me)? Questions: Do any of you gurus know if it is possible to get a relatively comprehensive live capture from the LAN turtle via SSH? Has anyone done this yet?
  12. I'm just getting started in the packet capture phase and after getting the ALFA USB WiFi AWUS036NEH and successfully putting it into monitor mode I see it is set to channel 1. With this setting I only see beacons from waps, not traffic from the target channel 6 for one. I have done the usual searching the web and the only mention of channel setting I have seen is within Wireshark itself. Being on version 2.0.2 and on Linux I don't see the options they reference under "capture/options/wireless", doesn't exist. And in my mind I would think that the channel is set on the interface, not the software, I may be wrong, call me noob. Any help is appreciated.
  13. Okay, so first, I'm a student. I'm completing a project that requires analyzing a pcap file in Wireshark. One part of it is finding the series of packets that indicate a buffer overflow, followed by an SQL injection. I have no idea whatsoever how to filter for this, or even what to look for if I do see it. It's the only part that I haven't been able to solve yet. Everything else, Google was pretty helpful. Hints? Ideas? Filter recommendations? Thank you!
  14. I'm doing a bit of research using Wireshark to examine the behavior of the Tetra in different modes of operation. I'm getting results, but I don't trust that my equipment is reacting fast enough to the packets being broadcast. Can anyone tell me the rate at which the broadcast packets occur (number / sec) when the Pool Interval is set to Normal and the order the SSIDs are broadcast. With my Wireshark capture it indicates a rate of roughly 40 packets per second. Also, from the packet capture it looks as though the SSIDs start out broadcasting alphabetically, but as the capture progresses, SSIDs begin to get broadcast more randomly. The randomness is what makes me think I'm not seeing everything. If I'm not seeing everything, this brings up a bigger question. Can the devices being targeted in the wild keep up with all those broadcasts? Would it be better to start slowing down the Pool Interval for a more productive chance at snagging a targeted client? All fun things I hope to explore. Edit: If you're curious about the other two settings, I'm currently getting 7 to 10 SSIDs broadcast per second at the low interval and approximately 100 per second at Aggressive.
  15. Hello, I'm trying to encrypt SSL. I have information that happens to .key file the certificate with Wireshark but to me does not work. Do you know how to encrypt SSL? Testing Sslstrip/ sslstrip2 but probably no longer works. Use Kali Linux 2.0
  16. Hi all, I want to make a probe to analyse packet traffic that is travelling through a NIC. For instance, I am using a 10Gbps interface card to capture packet traffic for 10 minutes. It could capture 600gb (6TB) of data. How could I parse and get specified fields through that? How could such a large volume of data and at last how could I make this probe to achieve my goal? Is anyone familiar with this? Please respond to me. Your small tip will help me a lot. Thank you
  17. Hey guys, I am struggling with this basic Wireshark .cap. I am supposed to find a flag in it somewhere but I'm really missing something. I have only been able to find an email from \ to and subject fields. I can see there was an image uploaded but cannot pull it out and its significance really is unknown. 2x tuna sandwiches, choc milk and a google of tls1.0 and I am still banging my head on a brick wall. Can anyone help, not necessarily with the answer but perhaps some hint on where I'm going wrong? Very new to Wireshark and all this in general. https://mega.nz/#!jUNU0LhQ!jRBnuJ97DwLczhJr7wrfZsYNw8Z02NSJBvr1nEJ8SSQ
  18. Hello, I am not sure this is the best place to get "Ubertooth" support but I believe I have everything set up to support KISMET to generate log files that may be opened in Wireshark, and Wireshark should decode the captured Bluetooth packets. The problem I am having is that Wireshark is only showing 14 byte packets. I am pretty sure I captured a pairing process which should have payload. Ubertooth specan-ui is working and KISMET is logging some Bluetooth packets. Any support would be much appreciated. Ubuntu 14.04 LTS Firmware revision: git-8b7ee77 libbtbb-2015-10-R1 ubertooth-2015-10-R1 kismet-2013-03-R1b Wireshark Version 1.10.6 (v1.10.6 from master-1.10) Thanks. Jay https://www.kismetwireless.net/Forum/General/Messages/1448148793.330601
  19. Hi guys, So I've been tasked with finding out what the coil number is that the source is monitoring and I have captured traffic from a network. I've never heard of a coil number, and after looking through the packet information I'm just completely lost. Can anyone point me in the right direction of TCP Modbus packet analysis to discover information about modbus traffic? Yes, I've googled it. The information was a little over my head. I need a teacher! :P Thanks for your time! I've attached the captured traffic to this. I've been using wireshark for analysis.
  20. Hi, I just tried to capture GSMTAP packets from my OpenBTS. Unfortunately I could not get SMS content as plain text. Does anybody know how to figure out this problem? Some sources said with standard Wireshark they could get SMS content in plain text. I had tried to copy its hex stream and decode with a 7bit encoder which was provided online, but the result was the same, I got nothing. Many Thanks, Bass
  21. I was running Wireshark and watching some of the packets coming off my computer. While doing that I noticed some odd packets on my neighbour's open (OPN) access point. It's always source = Apple_e5:8d:28 dest = Netgear_13:a8:92. The traffic is a combination of: "Association Request", "Action" (I can see a Block Ack rule - not sure if that's relevant), "Key (Message 2 of 4)" (always 2 of 4, never any other messages), "Authentication", "Disassociate" (Reason code: Disassociated because sending STA is leaving...)
  22. Recently I have been investigating the packets sent on my network to the servers outside the network on Steam. With Steam I can clearly view and see what the server addresses are and their IP, however I cannot seem to then view hosts connected to them or to me. I also have a PlayStation and am wondering whether or not it is possible to view the other players' public IP one way or another with Wireshark. I have spent a lot of time searching and cannot seem to find anything on this anywhere.
  23. New post to a previous issue... not seeing incoming network traffic on Port J3 of the Throwing Star LAN Tap Pro. Just to note, the manufacturer was great when I contacted him. He replied quickly and offered a replacement, free of charge. Will advise on the results when it arrives. I purchased the Throwing Star LAN Tap Pro from hak5 which was demonstrated in one of the twit.tv know-how episodes. I thought it was advised to be able to collect/see in and out network traffic at the same time through a network analyzing program like Wireshark. It was also discussed to have two available ethernet ports if one wanted to collect/see both in/out at the same time to analyze in Wireshark. This is in reference to the know how Episode #64 @ 7:19 mins. <http://twit.tv/show/know-how/64> The second issue was in using a tap pro with a switch and an all-in-one modem/router, where to put the tap pro to capture all the network traffic coming in and out? I tried setting the tap pro directly after my modem/router, then to the switch, then from the switch I connected all my computers. I was only able to capture traffic going out, not coming in. (I did verify both ethernet ports and cables were working correctly. I also verified my 3.0 USB ethernet adapter was working correctly.) Next, I tried a more simple setup: the modem/router through the tap pro, (J1 & J2) to my single test laptop with my monitoring laptop connected to J3 & J4 would capture in and outgoing traffic from my test laptop. Still no incoming traffic, just outgoing.... I reviewed the twit.tv know how episodes 63, 64 and 84 hoping to see if I missed something.. I also went on hak5 to see what I was missing. Does someone have a link of a setup/diagram for a single unit modem/router using the tap pro and a switch which would capture all in/out traffic? Thank you for the read and help. Jeff
  24. For the full tour of the application, please view http://www.elithecomputerguy.com/ETCGCommunity/index.php?do=/forum/thread/65/aircrack-ngui/. Mods, I am not redirecting to another site for any ad purposes. Merely because you have an image limit. So, the abridged version. My program is a graphical interface to Aircrack-NG, dsniff, and nmap (at least the main part). If you go to "Other Tools", it includes other network/computer security tools that you can use (including Wireshark, MAC Changer, BURP Suite, TOR Network). My overall goal of the application is to be a "swiss army knife" for those learning network security and network professionals alike. Let me know if you can help develop, run quality control, or beta test. It's currently up on BitBucket and you can get the link from http://aircrackngui.blogspot.com. Also, let me know what you think. Good idea, bad idea, done too often, doesn't compete with other suites like it? Thank you for your time.
  25. Hi, just wondering whether anyone could clear this up for me. I have a Huawei wireless modem, the 3g type. Now when I'm running Wireshark I noticed that it sends a constant stream of probe responses to ff:ff:ff:ff:ff:ff. Now am I right in thinking that an AP will only send a response when receiving a request, and why would you send a response to ff:ff:ff:ff:ff:ff? Also this is a constant stream, not just once in a while, and I can't see any probe requests being sent to the AP either. Is this normal or is there something wrong?