moondog, Posted December 20, 2023

Hey guys, long time lurker, first time posting...

I recently purchased the new version of the Packet Squirrel because I wanted to play around with the built-in TCP Dump payload. However, I'm having some issues with it and was hoping maybe someone could point me in the right direction. The directions I followed for setup were the ones provided by the Hak5 website here: https://docs.hak5.org/packet-squirrel/default-payloads/logging-network-traffic

I've gone through the setup process by connecting to the web interface. I have a USB formatted as NTFS and have also tried EXT4. The current one I'm using is a 32GB PNY flash drive but I have tried others.

After booting up the Squirrel it blinks green for a while, pauses, blinks teal once, and then goes solid green. The instructions above indicate that it should blink yellow to indicate that the PCAP file is being written to the loot folder on the USB. I press the button on the side to stop the tcpdump and to write the files, but after removing the flash drive and reviewing it on my PC the USB appears to be empty. No loot folder or anything!

Not sure what I'm doing wrong (I'm sure it's something stupid I'm doing) but if anyone has any suggestions that would be amazing. Thanks!

dark_pyrro, Posted December 20, 2023

From where are you sourcing your payload? Just checking since you're linking to the documentation of the Mark I version of the Squirrel.

What switch directory did you put the payload in? And, you are 100% certain that the hardware switch is in the corresponding position, i.e. the same as the switch directory?

moondog (Author), Posted January 3, marked as Solution

Sorry for the delayed answer! Got really busy during the holidays. Thanks for the reply, but I'm embarrassed to admit that I thought the TCPDump came preloaded on the device itself. Once I copied over the script from the GitHub repo all is working properly now. Thanks again!