Search the Community
Showing results for tags 'wireshark'.
Found 4 results
Hey all, I'm new, had the LAN turtle for about three weeks and I'm loving it. I have limited knowledge of the RF spectrum and I'm new to networks etc, but I've learnt so much by solving problems as I've gone along. However one thing I'm stuck with is setting up an SSH tunnel to the turtle remotely, in order to get a more diverse capture than I believe URLsnarf is capable of. Current setup Windows 10 putty (and/or Kali in Vbox) SSH to a digitalocean VPS SSH into my turtle remotely. I've searched the forums and googled for "wireshark remote ssh capture" etc, but everything I find seems either irrelevant or goes way over my head. From what I did understand it seems like I may not be able to do it. And I figured if it was possible, wouldn't everyone be using Wireshark instead of URLSnarf (which seems basic to me) Questions Do any of you gurus know if it is possible to get a relatively comprehensive live capture from the LAN turtle via SSH? Has anyone done this yet?
I'm just getting started in the packet capture phase and after getting the ALFA USB WiFi AWUS036NEH and successfully putting it into monitor mode I see it is set to channel 1. With this setting I only see beacons from waps, not traffic from the target channel 6 for one. I have done the usual searching the web and the only mention of channel setting I have seen is within Wireshark itself. Being on version 2.0.2 and on Linux I don't see the options they reference under "capture/options/wireless", doesn't exist. And in my mind I would think that the channel is set on the interface, not the software, I may be wrong, call me noob. Any help is appreciated.
crunchymom posted a topic in QuestionsOkay, so first, I'm a student. I'm completing a project that requires analyzing a pcap file in Wireshark. One part of it is finding the series of packets that indicate a buffer overflow, followed by an SQL injection. I have no idea whatsoever how to filter for this, or even what to look for if I do see it. It's the only part that I haven't been able to solve yet. Everything else, Google was pretty helpful. Hints? Ideas? Filter recommendations? Thank you!
I'm doing a bit of research using Wireshark to examine the behavior of the Tetra in different modes of operation. I'm getting results, but I don't trust that my equipment is reacting fast enough to the packets being broadcast. Can anyone tell me the rate at which the broadcast packets occur (number / sec) when the Pool Interval is set to Normal and the order the SSIDs are broadcast. With my Wireshark capture it indicates a rate of roughly 40 packets per second. Also, from the packet capture it looks as though the SSIDs start out broadcasting alphabetically, but as the capture progresses, SSIDs begin to get broadcast more randomly. The randomness is what makes me think I'm not seeing everything. If I'm not seeing everything, this brings up a bigger question. Can the devices being targeted in the wild keep up with all those broadcasts? Would it be better to start slowing down the Pool Interval for a more productive chance at snagging a targeted client? All fun things I hope to explore. Edit: If you're curious about the other two settings, I'm currently getting 7 to 10 SSIDs broadcast per second at the low interval and approximately 100 per second at Aggressive.