View Full Version : Anyone ever use the packet sniffer utility Wireshark? Any tips?
kevdog
January 10th, 2008, 06:43 AM
Anybody ever use Wireshark?? Seems very powerful however difficult to interpret output.
jrusso2
January 10th, 2008, 07:37 AM
This might help
http://www.chrissanders.org/?p=47
kevdog
January 10th, 2008, 08:11 AM
Ive download a sample http packet with gzip content
This came from the wireshark sample capture list:
ET /test/ethereal.html HTTP/1.1
Host: cerberus
User-Agent: Mozilla/5.0 (X11; U; Linux ppc; rv:1.7.3) Gecko/20041004 Firefox/0.10.1
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Cookie: FGNCLIID=05c04axp1yaqynldtcdiwis0ag1
HTTP/1.1 200 OK
Date: Fri, 29 Oct 2004 05:21:00 GMT
Server: Apache/2.0.50 (Fedora)
Last-Modified: Fri, 29 Oct 2004 05:20:21 GMT
ETag: "126e1f-6d-371b2f40"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 92
Connection: close
Content-Type: text/html; charset=UTF-8
............(......HML....).,.I.s-.H-JM.Qp.H.-.IU.HLO...Hr..CT.$..T.5qbU.4L.....l....n.Cm...
Is it possible to decode the 92 byte gzip data with wireshark?
mr.propre
January 10th, 2008, 08:44 AM
I sometimes use it on a network on my school, they only use hubs so it easy to listen and to 'steel' password. Though I don't test or use them, its just fun thing when I'm bored. On the other hand, if your password is "beer1985", than you deserve to get your password stolen! :lolflag:
bufsabre666
January 10th, 2008, 08:49 AM
I sometimes use it on a network on my school, they only use hubs so it easy to listen and to 'steel' password. Though I don't test or use them, its just fun thing when I'm bored. On the other hand, if your password is "beer1985", than you deserve to get your password stolen! :lolflag:
CRAP
*quickly changes*
FuturePilot
January 10th, 2008, 08:57 AM
I used Ethereal (what is now Wireshark) for a class. It is very powerful almost overwhelming at first. But it is good.
Funny story, we had a list of packet sniffers to choose from. I never heard of any of them so I just randomly picked one. Just so happens it was the only open source one on the list. :D
Powered by vBulletin® Version 4.2.2 Copyright © 2024 vBulletin Solutions, Inc. All rights reserved.