Jump to content

capture with tcpdump filter and use tcpreplay to send captured filtered traffic

aclx

By aclx
in Payloads

 Share

Recommended Posts

aclx Explorer

aclx

Posted
Posted

Is there a (better) way for my packet squirrel payload? 

a=1

while [ $a -lt 2 ]
do
# Capture MAC addresses that starts with 0x10c and write it in test.pcap
   tcpdump -i eth0 ether [0:2] == "0x010c" -c 5 -w test$a.pcap --print
   

# use tshark to filter on field goose.boolean is true and write it in goose-b1.pcap

   wait 10
   tshark -Y "goose.boolean == 1" -r test1.pcap -w goose-b1.pcap

# use tcpreplay to send goose-b1.pcap
tcpreplay -i eth0 -p 20000 -l 10000 goose-b1.pcap
done
 

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...