Jump to content

Remote Capture Pineapple To Wireshark

Recommended Posts

Afaik, dump to usb mean offline capture right ?

Is it possible to do live traffic capture ?

I remember an older hak5 episode where they sent a tcpdump to another ip on the same network. maybe netcat/ssh tunnel? of course if you can connect to the pineapple you can ssh in and just issue a dump and see it all on-screen

Link to comment
Share on other sites

I happened to run across this bit of info:


ssh root@server.com ‘tshark -f “port !22″ -w -’ | wireshark -k -i -

This captures traffic on a remote machine with tshark, sends the raw pcap data over the ssh link, and displays it in wireshark. Hitting ctrl+C will stop the capture and unfortunately close your wireshark window. This can be worked-around by passing -c # to tshark to only capture a certain # of packets, or redirecting the data through a named pipe rather than piping directly from ssh to wireshark. I recommend filtering as much as you can in the tshark command to conserve bandwidth. tshark can be replaced with tcpdump thusly:

ssh root@example.com tcpdump -w – ‘port !22′ | wireshark -k -i -


Link to comment
Share on other sites

i still have no luck with this :( :( :( :( :( :( it's really strange it said, 'ash: tcpdump: not found'


Hmm I have updated my setup script to sym link more things from usb to the regular filesystem, this should make more things installed to usb compatable, you have to run it after installing to usb

ln -s /usb/usr/sbin/* /usr/sbin/

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...