Questions tagged [packet-capture]

This tag is for questions about capturing packets of various protocols that are transmitted over a network.

A lot of computer network protocols transmit their contents in packets. Packet capture is the interception of these packets as they are moved over a network of some type.

A packet sniffer captures raw data traveling over a network segment and saves it to a file for analysis.

Software

A software sniffer can generally only capture network data either originating from or going to the computer running it, plus any "broadcast" messages, if the computer is connected to the network via a switch. If the computer is connected to the network via a router, it may be able to capture network data for any device connected to the same router.

Hardware

A hardware packet sniffer is physically connected to the network by connecting it to a router or switch. Sometimes the router or switch has to be configured to allow the sniffer to capture traffic being routed through it; this is called port mirroring.

Analysis

The captured data can be analyzed by the software that captured it, or by a program specifically designed to analyze the network data.

See Also

  • Wikipedia Article on Packet Analyzers
  • The term packet sniffer is also common and can be considered a synonym.
659 questions
1 vote, 0 answers

modify tcp packet payload with Windivert but then connection finished

I am working on a project and I need to edit TCP packet data. I use Windivert for this, I can find my packet and edit it. Also, I don't change the packet length, I just replace some values with random values (I try this with socket redirection and edit it will…
kerrro
1 vote, 0 answers

Is there a way to figure out the security protocol of a wireless network purely from a probe response .pcap file?

I am trying to analyze probe response .pcap files of a network to deduce the security protocol (as in wpa, wpa2, wep, open network). I realized that in some beacon .pcaps, there is a tag with the wpa information and in the following image for…
1 vote, 1 answer

Can I fake a video stream in Zoom (or fake it using packets so as to work universally)?

Currently, I have yet to find anything online using Google. However, what I'm trying to do is to take a pre recorded photo or video, and intercept my camera's capture. Similar effect to holding up a printed photo to a camera. Also similar to…
1 vote, 0 answers

Capturing 802.11 packet headers on Android device?

I want to capture WiFi packet headers on Android using tcpdump kind of an application. I am using an HTC dream phone (Android 1.6, Wi-Fi (802.11b/g) using a Texas Instruments WL1251B chipset). The default TI driver filters the 802.11 packet headers…
Ashish
1 vote, 1 answer

WireShark Remote Capture failed: NFLOG link-layer type filtering not implemented

I followed the official documentation. My remote-server is CentOS 7.9, and I have installed the wireshark in it. I use the below command to open my local wireshark software to capture the remote-server's interface packet: ssh root@remote-server-name…
user7693832
1 vote, 2 answers

How to export tshark objects without stopping it

Requirement: I need to obtain files/objects of any kind that are being downloaded via my wifi interface. I am running tshark to listen to my wifi interface and export HTTP objects to a given directory using the following command. tshark -i wlp4s0…
Behrouz A
1 vote, 1 answer

Tracking connections and packets of a program

I hope this is quite a simple question. I've got a compiled .exe program on Windows, and I know that it connects to some PHP resource on some web server and fetches some data. They are just one or two KB, but what I'd like to know is: what's the php…
Matteo Monti
1 vote, 0 answers

Not able to reach from one instance to other

I have 2 AWS EC2 instances and am facing a reachability issue from one instance to another. I have checked the SG and IGW, and they look fine. I have also added the subnet in /etc/hosts.allow to allow the hosts. Can someone please suggest how to debug this…
Pooja
1 vote, 1 answer

IndexError list index out python3

Hello, I am making a script but keep having an error pop up: File "creditcardsniff.py", line 70, in findCreditCard print(f"{GREEN}{BRIGHT}[+] Found American Express Card: " + str(americaRE[0]) +""+ str(CCVRE[0]) +""+ str(MMYY[0])) IndexError:…
1 vote, 1 answer

How to convert raw packet data into a PCAP file?

I'm running some software that sniffs local packets, then encapsulates the full, raw packet data in a TCP packet and sends it to the server. What I'd like to do is have the server receive the packet data and put it into a PCAP file for download by…
August H
1 vote, 0 answers

How do I get Snort to log the packets that match a given rule?

I'd like my Snort IDS to log all traffic from any IP address on any port that comes to my machine through any well-known port. I've set up my snort.conf file appropriately and saved the following rule in the rules folder: log tcp any any ->…
bones
1 vote, 0 answers

How to block Android wifi packet sniffing

I want to block sniffing of my app, and I assume that if there are many proxies then a sniffer is working in the background. But the proxy list always has 1 proxy. ProxySelector defaultProxySelector = ProxySelector.getDefault(); List proxyList =…
6155031
1 vote, 1 answer

View Contents of docx, pdf and text files obtained in Wireshark through PCAP file

So, I have got a pcap file which I opened with the Wireshark tool. Now, there are 4 files I can find through the HTTP filter: 1. A docx file 2. A pdf file 3. A txt file 4. PNG file I extracted the PNG image file by the following: Right click on the…
Jibin
1 vote, 1 answer

How to use dpkt with 802.1Q and SLL?

I am working on a PCAP in python and using dpkt to read it. Data in PCAP file is Linux Cooked Capture, SLL for friends. This is an example packet as seen in Wireshark: Frame 3: 578 bytes on wire (4624 bits), 578 bytes captured (4624 bits) Linux…
Lyonid
1 vote, 1 answer

Tshark logging by local username

I'm trying to attribute network traffic in a tshark dump with the logged in user that the respective traffic is associated with. I'm running an Ubuntu server on a corporate network in which users log into either via RDP or SSH with x-forwarding. My…
RogueKnight