Private lan interception

[Crusader]

Hi there, kinda new in this i will go directly to the question.

i have installed plunder bug succesfully, i putted it from my personal pc and bridged it to my private lan. I'm in unmuted mode and wireshark is on, so after 5 minutes of surfing in the web i stopped and saved the cap file.

Later i used pcapfex.py to extract the data and i noticed it captured jpg of the site i viseted.

So my question is , does the plunder capture only the traffic going from my personal computer? or can i intercept other people too? If so how to bridge it to do this?

thanks

[securedlab]

I'm having same issue.I connect the plunder bug between endpoint and switch, I can see http posts for the endpoint its connected to, but not for any other devices on the switch..

[securedlab]

I realized that in order to capture all traffic on the switch, one of the ports on the 'managed' switch would need to be configured as a span port. For some reason I thought this device would do more, but really the packet squirrel does the exact same thing, except it can connect to c2 and have payloads..  Plunder just gives the option to view packets from the device on laptop/phone with USB-C.

[flipchart]

yes, plunder is a simple LAN TAP with only 10/100 MBit/s. You can easily put it between your switch and the Uplink of the switch. That way you can collect all devices internet traffic.

Plunderbug is very useful when developing and analyzing stuff, where you don't care about the Link going down to 10/100 (which in normal cases would immediately trip of network monitoring) and when you need something small to put somewhere and dont have lots of LAN cables flying around.

But together with the mobile application you can discover a whole new functionality of your plunderbug, 😉 which lets you forget about the 10/100 thing...