Questions tagged [wireshark]

Wireshark is open-source graphical packet capture and analysis software. It can be used for a variety of network communication analysis tasks, such as protocol development and troubleshooting. It shows packets on the IP level.

Wireshark is an open-source cross-platform packet capture and analysis tool. It has a wide range of dissectors for different protocols, and offers a powerful filter grammar for searching through packet captures. It is considered by many to be the de facto tool for packet analysis.

337 questions
13 votes, 4 answers

How can I capture the packets of a LAN device in Wireshark?

Setup: PC running Wireshark, connected to the network wireless (if OS variation is an issue, use Wireshark on Linux). Another device connected, wireless, to the same LAN. Wireless network uses WPA2 encryption. Question: Using Wireshark on my PC, how…
Mars
8 votes, 1 answer

Can Wireshark capture HTTPS requests?

I have been working in Wireshark. And I am able to capture HTTP requests and capture HTTP packets using Wireshark. And now I am capturing HTTPS requests. It seems to not capture the packets, and when I right click -> Follow -> TCP Stream, it shows the…
toastmaster
5 votes, 2 answers

Is it safe to share a Wireshark file?

I wanted to share a Wireshark of my file, because it may help with some problems I'm having, but I need to know if it is safe, or if it could reveal sensitive data about me. The only IPs I see are my internal ones, not external
Freedo
5 votes, 2 answers

Extract cookies from pcap

Is there any tool to extract cookies from network sniffs generated by tcpdump (.pcap files)? I know I can open it in Wireshark but it will take a while until I find the domain I am interested in and the cookies (is there a filter I can use…
opc0de
3 votes, 1 answer

Wireshark DNS sniffing: too much junk -> Are there hostname "blacklists" for Wireshark?

So I'm sniffing my DNS on Wireshark. There's way too much junk because the websites include many advertising tools, web tracking, etc. Is there some blacklist that contains all those pesky hostnames, so that I can purify my Wireshark a bit? Current…
3 votes, 1 answer

Does anyone know how to "tcpdump" traffic decrypted by Mallory MITM?

I'm looking for some help in capturing network traffic that I can analyze in Wireshark (or other tools). The tool I'm using is mallory. If anyone is familiar with mallory, I could use some help. I've got it configured and running correctly, but I…
chriv
2 votes, 2 answers

How can I strip sensitive data out of a Wireshark log report?

I have a sync app that doesn't work and the developer asked me to try and perform a sync with Wireshark capturing the data and send the Wireshark log to him. I noticed that Wireshark saves sensitive data in the log, like the MAC address of both my…
doplumi
2 votes, 1 answer

How to view WiFi traffic using Wireshark on a 3rd party?

I am trying to look at traffic between my phone and the outside world, and for whatever reason I can't see the outside world's traffic coming in. I am running Wireshark on a Kali box, I turned on the monitor mode interface, and then set up Wireshark…
gr0k
2 votes, 2 answers

Sniff packets with Wireshark on localhost

I have a webserver on my Windows machine running Apache (XAMPP). I have created an Android application that connects to my webserver at localhost. How can I capture the data with Wireshark on localhost?
user46850
2 votes, 2 answers

HTTP request can't be captured from Wireshark

I am working in Wireshark. I am monitoring the Wi-Fi traffic on the same network. We have 6 PCs there and Wireshark was installed on one machine to capture Wi-Fi traffic. I got my teammate's IP address in the endpoint list. My machine has…
toastmaster
2 votes, 1 answer

Sniff packets then repeat these requests?

I'm new to this and have a basic understanding of security. I was wondering if you could sniff packets from a handheld device (e.g. iPhone, iPad, tablet) and repeat these requests. For example... John sent a Snapchat and Wireshark captured this. Could…
1 vote, 2 answers

Wireshark Trace containing SSL RSA with RC4 128 md5

I thought it'd be a neat idea to do a Wireshark capture on my own login to a website and try to figure out where the packet containing the password is and decrypt it. So I logged into a website which uses SSL RSA with RC4 128 md5 to encrypt the…
BubbleMonster
1 vote, 1 answer

Wireshark only showing inbound traffic

I am using a Dynex DX-EHB4 Ethernet hub with two systems connected to it, the target desktop and another desktop running Wireshark in promiscuous mode. I have a filter in place "host x.x.x.x" so I only see traffic of the target IP address. In my…
linux1
1 vote, 1 answer

Wireshark - I can't see traffic of other computer on the same network in promiscuous mode

I am in promiscuous mode and I am using my one computer to sniff the network traffic. On both a separate computer and my phone I logged into the same HTTP site and entered some test credentials to see if the traffic would show up in Wireshark. To…
Michael
1 vote, 2 answers

Going from an EC Private Key to Decrypting Traffic

At the moment I have an EC private key in my possession and also some traffic that was encrypted using the aforementioned private key. I have been trying to use OpenSSL to turn the private key into something Wireshark can work with. For example,…