IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [wireshark]

Wireshark is a graphical packet capture and analyser open-source software. It can be used for a variety of network communication analysis tasks like protocol development and troubleshooting. It shows packets on the IP level.

Wireshark is an open-source cross-platform packet capture and analysis tool. It has a wide range of dissectors for different protocols, and offers a powerful filter grammar for searching through packet captures. It is considered by many to be the de facto tool for packet analysis.

326 questions
0
votes
3 answers

How to capture Wifi 802.11 traffic?

I want to capture the wifi traffic from my wireless card, so what i have to do and are there tools for that? I know that there is aircrack-ng and airodump, but these tools need a extra wireless adapter and is their a possibility to capture wifi…
user104787
  • 179
  • 1
  • 4
  • 12
0
votes
2 answers

What is really wireless sniffing, and how can this attack damage someone

I guess that this is a dumb question, but i really thought for a longtime that the wireless sniffing attack consists of listening to all the packets that get over the air, but apparently it isn't that, cause no matter how I try, i can only see my…
Sidahmed
  • 639
  • 2
  • 9
  • 26
0
votes
1 answer

how to catch a packets from wifi that I am connected to ( or not connected to )?

I have wifi connection, and I want to use something like wireshark to catch all the packages that my wifi router is listening to. How can I do it? If i want to catch packets from the router that I could not connect to - is it possible ?
Yanshof
  • 141
  • 1
  • 7
0
votes
2 answers

Monitor traffic that is going through my router

I want to monitor the HTTP traffic of all clients connected via wifi to my wireless router. I want to capture the traffic with my Notebook which is also wirelessly connected to the router. Hardware & Software setup: Capturing with: Intel 7260…
nosharky
  • 1
  • 1
  • 1
  • 2
0
votes
1 answer

HTTP Basic Authentication - password missing

I am trying to retrieve a username and password send over the network. I was able to capture the following using Wireshark: GET /rcp_tunnel HTTP/1.0 Host: ***.***.***.*** Authorization: Basic…
Petee
  • 1
  • 1
  • 1
0
votes
1 answer

Capture & Decrypt packets captured by monitoring mode

I am working on capturing packets using monitoring mode on my laptop. The problem is that I cannot get the source/destination IP's since the packets are encrypted. I added a key and it didn't work (I am using Wireshark to do this). 1- Is there an…
Hussein
  • 101
  • 2
-1
votes
1 answer

Slow internet - Worried about spammed packets

got a weird question and I'm not sure if I should even post this on here but I couldn't think of anywhere better to ask. Lately, I've been getting some internet speed issues. I closed literally every proccess on my computer that sends packets out…
user3312767
  • 1
-1
votes
1 answer

How to decrypt passwords gained by wireshark?

We are trying to see who is using network VPN. I used Wireshark to sniff the network, I gained some users and passwords. The usernames were in plain text, but the passwords were in two different encrypted types One kind like this :…
aghArdeshir
  • 103
  • 1
  • 3
-1
votes
1 answer

Trying to decrypt my home network

I've put my wireless card in monitor mode following this tutorial. After that, I started monitor my wifi home and, after a few seconds, I stop it. Every packet was crypted (obviously), so I follow this tutorial and including my…
Pablo D
  • 101
  • 4
-1
votes
2 answers

Can Wireshark resolve https domain name?

Can I use Wireshark to see what websites are visited on my network? I'm just looking for the domain name, and not a full url or any credentials. Would I need any additional tools such as sslstrip to see this? Would getting the DNS query be…
user226730
-1
votes
1 answer

ip_forward reverting back to 0 during ettercap subnet scanning

Im trying to arp spoof a local network but the /proc/sys/net/ipv4/ip_forward is reverting back to 0 when ettercap is performing subnet scan on a network hub. Even if i change it back to 1 after the subnet scan wireshark doesn't seem to get all http…
xoox
  • 29
  • 3
-1
votes
2 answers

Unable to inject cookies

As part of an exercise, I need to sniff cookies from a login page and inject them in the same login page. If the cookie injection is successful the user must be login without entering the user name and password. I sniffed the cookies. I found three…
user9371654
  • 469
  • 1
  • 6
  • 15
-1
votes
1 answer

Would sniffing all network traffic from android device to check for spyware be a viable solution

I suspect that my Google pixel (Android 9) phone has some sort of a spyware installed. There are no obvious symptoms like overheating, extreme data usage, or battery draining at an unusual rate. But I have very good reason to believe that both my…
JohnSnow
  • 105
  • 4
-1
votes
1 answer

Why would the amount of packets received be greater than the amount of packets sent?

I am new to wifi, and as I was looking at .pcap files, I noticed that one connection took an absurdly large amount of time. Another thing that stood out is that the amount of packets received was so mush more than the number of packets sent. What…
jdw136
  • 1
-1
votes
1 answer

TLS, Wireshark "this session reuses previously negotiated keys"

I made a Wireshark tap for 2 request: a HTTP GET to a login authentication page then a HTTP POST when I send credentials to the server As you can see, I get a warning message from Wireshark because it seems that the TLS session ID is the same for…
Demitri
  • 11
  • 1
  • 1
1 2 3
21
22