fbtm Posted April 11, 2023 Share Posted April 11, 2023 Plunder Bug captures only specific protocol like ARP, IGMP, SSDP form device connect to LAN -> SWITCH. Is it correct ? Why there is no other protocol like HTTP ? Tested on Windows with Wireshark and NPCAP, on Kali with Wireshark. Link to comment Share on other sites More sharing options...
dark_pyrro Posted April 11, 2023 Share Posted April 11, 2023 That's not correct. You should get, for example, http based traffic as well. Provide some example network activity that can be recreated (i.e. what you do on the target/victim device that the Plunder Bug is capturing traffic on). Link to comment Share on other sites More sharing options...
fbtm Posted April 11, 2023 Author Share Posted April 11, 2023 53 minutes ago, dark_pyrro said: Provide some example network activity that can be recreated (i.e. what you do on the target/victim device that the Plunder Bug is capturing traffic on) For example opennig website and surfing the net. Plunder Bug doesn`t show HTTP traffic. Tested mute and unmute and driver for Windows, Linux Link to comment Share on other sites More sharing options...
dark_pyrro Posted April 12, 2023 Share Posted April 12, 2023 http should for sure work, something's wrong (or done wrong) Link to comment Share on other sites More sharing options...
fbtm Posted April 12, 2023 Author Share Posted April 12, 2023 4 hours ago, dark_pyrro said: something's wrong (or done wrong) Yes but what ? It`s simple tool - plugin and run wireshark :) Link to comment Share on other sites More sharing options...
dark_pyrro Posted April 12, 2023 Share Posted April 12, 2023 Yeah, and that's the thing. You can't do much with it other than use it as intended. It sees what it sees. So, there's not much to troubleshoot and since I know (from my own experience and other sources) that it should capture, for example, http based traffic, then something is either wrong with the Plunder Bug (which is less likely since you can at least get some traffic captured) or it's something wrong with the usage/setup. Have you tried to capture traffic from different target devices or just one (1)? Link to comment Share on other sites More sharing options...
fbtm Posted April 12, 2023 Author Share Posted April 12, 2023 2 hours ago, dark_pyrro said: Have you tried to capture traffic from different target devices or just one (1)? Different target devices, still the same. Maybe this is the problem with Windows/Linux driver or wireshark version or npcap/winpcap ? Link to comment Share on other sites More sharing options...
dark_pyrro Posted April 12, 2023 Share Posted April 12, 2023 At least no issues with Linux when I use the Plunder Bug. Works as expected. I can try Windows later on. Link to comment Share on other sites More sharing options...
dark_pyrro Posted April 12, 2023 Share Posted April 12, 2023 Used Wireshark on a Win11 box now and it captures everything that I would expect (http/s, etc.) Even in muted mode. No additional (or updated) drivers for the ASIX interface. Link to comment Share on other sites More sharing options...
fbtm Posted April 16, 2023 Author Share Posted April 16, 2023 On 4/12/2023 at 3:15 PM, dark_pyrro said: Used Wireshark on a Win11 box now and it captures everything that I would expect (http/s, etc.) Even in muted mode. No additional (or updated) drivers for the ASIX interface. Thx, I appreciate. I tested it also on android device but still the same...only packet from USB-C device Link to comment Share on other sites More sharing options...
dark_pyrro Posted April 17, 2023 Share Posted April 17, 2023 If you can't get the Plunder Bug to work on any of the devices you try, I'd suggest creating a support ticket. Link to comment Share on other sites More sharing options...
p4trykx Posted May 23, 2023 Share Posted May 23, 2023 I also have problems with Plunder Bug. I only get some ARP packets in WireShark. No TCP Link to comment Share on other sites More sharing options...
dark_pyrro Posted May 24, 2023 Share Posted May 24, 2023 This should work without any issues, my previous suggestion is still valid On 4/17/2023 at 8:10 AM, dark_pyrro said: I'd suggest creating a support ticket Link to comment Share on other sites More sharing options...
0ne-nine9 Posted May 25, 2023 Share Posted May 25, 2023 On 4/12/2023 at 9:43 AM, fbtm said: Yes but what ? It`s simple tool - plugin and run wireshark 🙂 Heya! I replied on another thread where you commented as well. Make sure the drivers for the network adapter are installed. They may not install automatically, so your devices will fail to see the PlunderBug in Wireshark or tcpdump. https://docs.hak5.org/plunder-bug/getting-started/drivershttps://www.asix.com.tw/en/support/download Link to comment Share on other sites More sharing options...
lowlyfin Posted June 14, 2023 Share Posted June 14, 2023 Check your email you used to purchase the device. Some that shipped were defective. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.