Wireshark

Phase(s):

Primary: Exploitation.
Secondary: N/A.

Description:

Wireshark is a network protocol analyzer. It is used to analyze and troubleshoot problems in network communications, for software and protocol development, and as a teaching tool. It has all the standard features of a protocol analyzer.

Objective:

  • Process the network traffic generated by applications (Web, client/server, Web services).

Features:

Supported Operating System:

  • Linux/Unix
  • Windows
  • macOS

Operative mode: Passive.

Processes the network traffic generated by applications (Web, client/server, Web services):

  • Monitors and analyzes communication protocols on the selected network interfaces.
  • Stores the captured traffic in a packet capture file (pcap or pcapng) for later analysis.

Reports:
Output reports:

  • Multiple formats to export results:
      • Plain text.
      • PostScript.
      • CSV.
      • XML (PSML or PDML).

    Basic usage:

    Capture a request for a Web application (HTTP).

    Start the Wireshark tool.

    image

    Within the "Capture" section, select the network interface on which packets are to be captured, in this case "ens33".


    image

    The tool will begin to collect all packets seen on the specified network interface.


    image

    Capture HTTP POST requests.

    The following Wireshark display filter shows all captured HTTP POST requests. Note that it matches only the request packets; the corresponding responses are not matched by this filter and are seen by following the TCP stream (or by filtering on "http.response" and the stream number, "tcp.stream eq N").

    http.request.method == "POST"


    The application is accessed through a Web browser and navigated so that it makes multiple requests (connections) to the server. The tool will record the requests made. In this case, a login was performed over unencrypted HTTP, so the submitted credentials are visible in the capture.


    image

    Select one of the requests, right-click it and choose the option "Follow TCP Stream".


    image

    The tool will open a new window in which the request made by the application to the server, together with the server's response, can be viewed.


    image
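    The two GUI steps above (the display filter http.request.method == "POST" and "Follow TCP Stream") can be reproduced offline against a saved capture. The following Python script is an added example and is not part of the original page nor of the Wireshark project: it reads a classic pcap file using only the standard library, lists the HTTP POST requests with their form fields, and reassembles both directions of one TCP conversation the way the Follow TCP Stream window shows it. The capture it processes is constructed inline (hosts 192.168.1.10 and 192.168.1.20, host name app.example.test and the credentials are made up); checksums in the constructed frames are left at zero, which Wireshark would flag but this reader does not check.

```python
"""Offline equivalent of the display filter http.request.method == "POST"
and of "Follow TCP Stream", over a classic (libpcap, not pcapng) capture.
Added example; not code from the Wireshark project."""
import struct
from urllib.parse import parse_qs

PCAP_MAGIC = 0xA1B2C3D4   # little-endian pcap, microsecond timestamps
LINKTYPE_ETHERNET = 1
ETH_IPV4 = 0x0800
IP_TCP = 6


def iter_tcp_segments(pcap):
    """Yield (src, sport, dst, dport, payload) for each TCP segment in capture order."""
    magic, _, _, _, _, _, linktype = struct.unpack("<IHHiIII", pcap[:24])
    if magic != PCAP_MAGIC or linktype != LINKTYPE_ETHERNET:
        raise ValueError("expected a little-endian pcap with Ethernet frames")
    off = 24
    while off + 16 <= len(pcap):
        _, _, incl_len, _ = struct.unpack("<IIII", pcap[off:off + 16])
        frame = pcap[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        if len(frame) < 34 or struct.unpack("!H", frame[12:14])[0] != ETH_IPV4:
            continue                                   # not IPv4
        ihl = (frame[14] & 0x0F) * 4                   # IPv4 header length
        total_len = struct.unpack("!H", frame[16:18])[0]
        if frame[14 + 9] != IP_TCP:
            continue                                   # not TCP
        src = ".".join(map(str, frame[26:30]))
        dst = ".".join(map(str, frame[30:34]))
        tcp = frame[14 + ihl:14 + total_len]
        sport, dport = struct.unpack("!HH", tcp[:4])
        data_off = (tcp[12] >> 4) * 4                  # TCP header length
        yield src, sport, dst, dport, tcp[data_off:]


def follow_tcp_stream(pcap, client, server):
    """Concatenate the payloads of both directions of one TCP conversation,
    in capture order, as the Follow TCP Stream window does. client and
    server are (ip, port) tuples."""
    conv = {client, server}
    return b"".join(p for s, sp, d, dp, p in iter_tcp_segments(pcap)
                    if {(s, sp), (d, dp)} == conv)


def extract_http_posts(pcap):
    """Return one dict per HTTP POST request: endpoints, Host, URI and the
    decoded application/x-www-form-urlencoded body (the credentials)."""
    posts = []
    for src, sport, dst, dport, payload in iter_tcp_segments(pcap):
        if not payload.startswith(b"POST "):           # the display filter
            continue
        head, _, body = payload.partition(b"\r\n\r\n")
        lines = head.decode("latin-1").split("\r\n")
        _method, uri, _version = lines[0].split(" ", 2)
        headers = {k.strip().lower(): v.strip()
                   for k, v in (ln.split(":", 1) for ln in lines[1:] if ":" in ln)}
        form = {k: v[0] for k, v in parse_qs(body.decode("latin-1")).items()}
        posts.append({"client": f"{src}:{sport}", "server": f"{dst}:{dport}",
                      "host": headers.get("host"), "uri": uri, "form": form})
    return posts


# ---- constructed sample capture (not a real trace) ------------------------
def _frame(src, sport, dst, dport, payload, flags=0x18):
    """Ethernet/IPv4/TCP frame around payload; checksums left at zero."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 1, 1, 5 << 4, flags, 65535, 0, 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 1, 0, 64, IP_TCP, 0,
                     bytes(map(int, src.split("."))), bytes(map(int, dst.split(".")))) + tcp
    return b"\x02" * 6 + b"\x04" * 6 + struct.pack("!H", ETH_IPV4) + ip


def _pcap(frames):
    hdr = struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, 65535, LINKTYPE_ETHERNET)
    return hdr + b"".join(struct.pack("<IIII", 1_700_000_000 + i, 0, len(f), len(f)) + f
                          for i, f in enumerate(frames))


CLIENT, SERVER = ("192.168.1.10", 51234), ("192.168.1.20", 80)   # assumed hosts
REQUEST = (b"POST /login HTTP/1.1\r\nHost: app.example.test\r\n"
           b"Content-Type: application/x-www-form-urlencoded\r\nContent-Length: 30\r\n\r\n"
           b"username=alice&password=s3cr3t")
RESPONSE = (b"HTTP/1.1 302 Found\r\nLocation: /home\r\n"
            b"Set-Cookie: session=abc123\r\nContent-Length: 0\r\n\r\n")
SAMPLE_PCAP = _pcap([
    _frame(*CLIENT, *SERVER, REQUEST),
    _frame(*SERVER, *CLIENT, RESPONSE),
    # an unrelated GET on another connection; the POST filter must skip it
    _frame("192.168.1.10", 51235, "192.168.1.20", 80,
           b"GET / HTTP/1.1\r\nHost: app.example.test\r\n\r\n"),
])

if __name__ == "__main__":
    for post in extract_http_posts(SAMPLE_PCAP):
        print(post)
    print(follow_tcp_stream(SAMPLE_PCAP, CLIENT, SERVER).decode("latin-1"))
```

    To run the same check against a real file saved from the GUI (File > Save As, pcap format), pass its bytes to extract_http_posts; the command-line companion of Wireshark gives the same list with tshark -r capture.pcap -Y 'http.request.method == "POST"'. The script only proves the point the page makes: on unencrypted HTTP, anyone on the path can read the login form verbatim.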

    Resources:

    Link: http://www.wireshark.org
    Author(s): Gerald Combs
    License: GNU General Public License version 2.
    Version: v2.6.8