Inform your fellow anons about what you've discovered using this program.
01 How to use it, (new)
02 What can you sniff and what did you learn from it
03 Security and more
04 Networks gen
05 Bbbut im just a troll, I don't know how to use such a tool
06 Data gen
07 Good tutorials on wireshark
08 Alternative programs for network sniffing
Come on, nobody on Jow Forums has a job where they'd actually use this and have any real world skills.
Add tcp.seq tcp.ack tcp.nxtseq tcp.stream columns in your TCP profile
Add other useful columns in your other profiles, like MAC VLAN Ethertype for your L2 profile, the LACP Port and Actor for your 802.3ad profile, SACK and TSN for your SCTP profile, etc
Right click and Follow TCP Stream
You can right click any packet data and Copy As Filter or Prepare As Filter
If you're looking at http or SMB, you can pull files out of the pcap, it's under the File menu
tshark has useful summary commands like -q -z conv,ip
tshark -T fields can be used to get data to pipe into sort, uniq, or awk for other useful inferences
That's all pretty beginner level stuff. I've wanted to do the Laura Chappell Wireshark University certs for a while.
Kevin Rivera
Bump
Hudson Nelson
Why didn't you do it and why this course out of all courses in the first place?
Easton Kelly
>look I just found out about wireshark, because I installed kaliOS
Wyatt Collins
Install ettercap
Nathan Carter
Tell me more..
Ian Hughes
Can I sniff cute girls with this?
Logan Gomez
Wireshark isn't real skill and packet analysis is easy skid shit
Zachary Perez
I use it in telco. We have Iris but that's a piece of shit. Mostly checking ISUP/SIP protocols.
Christian Green
...
Julian Thomas
What about tcpdump? How can I view the data captured afterwards?
Easton Martinez
How easy is it to DNS mitm?
Bentley Lee
IIRC you can save tcpdump captures as pcapng and then simply open that file with wireshark for viewing
Jacob Phillips
There is some "skill" but it's not much. Once you learn to recognize basic things like TCP handshake, DORA (DHCP handshake), etc. you can diagnose pretty much all network related problems
Austin Lee
It's easy if the DNS is unencrypted, which most DNS requests are. You have to place yourself in between the client and the DNS server by using ARP spoofing, or by gaining control of something that's already in the middle, like an inline appliance/server. At that point you can just read the plaintext DNS request packet, parse out the target domain (e.g. facebook.com), and if it matches what you're looking for simply craft a new DNS answer packet with an IP address of your choosing and send it back to the client
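Added example, not part of the thread: a defensive use of the `tshark -T fields` piped into awk tip from earlier, flagging the trace that the DNS spoofing described in the post above tends to leave in a capture, namely two responses to the same query that carry different answers. The helper name `find_conflicting_dns_answers`, the sample rows and the addresses are constructed; the commented tshark line uses the standard fields `ip.dst`, `dns.id`, `dns.qry.name` and `dns.a`.

```shell
#!/bin/sh
# Input: tab-separated rows as produced by tshark's field output, e.g.
#   tshark -r capture.pcapng -Y 'dns.flags.response == 1 && dns.a' \
#          -T fields -e ip.dst -e dns.id -e dns.qry.name -e dns.a
# Columns: client IP, DNS transaction ID, query name, answer A record(s).

# find_conflicting_dns_answers (hypothetical helper name): print one line per
# (client, transaction ID, name) that received responses with different answers.
find_conflicting_dns_answers() {
    awk -F '\t' '
        NF < 4 { next }                       # skip malformed or answerless rows
        {
            key = $1 "\t" $2 "\t" tolower($3)
            if (!((key, $4) in seen)) {       # count each distinct answer set once
                seen[key, $4] = 1
                n[key]++
                answers[key] = (n[key] > 1) ? (answers[key] " | " $4) : $4
            }
        }
        END {
            for (key in n)
                if (n[key] > 1)               # same query, more than one answer set
                    print key "\t" answers[key]
        }
    ' | sort
}

# Constructed sample rows (documentation address ranges), not real traffic.
sample_rows() {
    printf '192.0.2.10\t0x1a2b\texample.com\t198.51.100.7\n'
    printf '192.0.2.10\t0x1a2b\texample.com\t203.0.113.66\n'  # same ID, other answer
    printf '192.0.2.10\t0x3c4d\texample.org\t198.51.100.9\n'
    printf '192.0.2.10\t0x3c4d\texample.org\t198.51.100.9\n'  # plain retransmission
    printf '192.0.2.11\t0x1a2b\texample.com\t198.51.100.7\n'  # other client, one answer
}

sample_rows | find_conflicting_dns_answers
```

A hit is a lead to investigate, not proof of spoofing: a retried query answered by a load-balanced resolver can also produce two different answer sets for one transaction ID.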
Brayden Cox
Isn't there something simpler than wireshark for viewing?
Gabriel Long
I legit can't work out how to sniff AMF3 packets with this.
Cameron Perez
>It's easy if the DNS is unencrypted, which most DNS requests are. You have to place yourself in between the client and the DNS server by using ARP spoofing, or by gaining control of something that's already in the middle an inline appliance/server. At that point you can just read the plaintext DNS request packet, parse out the target domain (e.g. facebook.com), and if it matches what you're looking for simply craft a new DNS answer packet with an IP address of your choosing and send it back to the client
I am setting up open wifi near the girls' dorms at my uni to do this, where can I find some good clone frontpages to harvest passwords?
Jayden Thompson
How do you sniff traffic coming from only a certain program?
Dominic Morales
Hadn't used this for a while until the other day. It was interesting doing IO graphing with display filters. I was testing VNC bandwidth consumption.
John Nguyen
Find out what port numbers and IPs it's using. Look into the netstat command.
Owen Ramirez
How do I use this shit to spy on my Girlfriend?
Kayden Taylor
>tfw nobody bothered capturing packets from that mmo you liked before they shut down the servers
Kevin Jenkins
step 1 - leave Jow Forums long enough to acquire gf