Showing posts with label wireshark. Show all posts

Tuesday, October 11, 2016

OS X El Capitan: how to run wireshark with iphone usb interface

First, you need to obtain your device's UDID. You can find it in the Summary section of iTunes.

Details:

https://blog.unlockbase.com/find-udid-blocked-icloud-iphone/

Next, we use the rvictl tool to create the virtual interface.

localuserpc:~ root# rvictl -s en5

rvictl [-h][-l][-s <udid1> ... <udidN>][-x <udid1> ... <udidN>]

Remote Virtual Interface Tool starts and stops a remote packet capture instance 
for any set of attached mobile devices. It can also provide feedback on any attached 
devices that are currently relaying packets back to this host. 

Options:
-l, -L List currently active devices
-s, -S Start a device or set of devices
-x, -X Stop a device or set of devices


localuserpc:~ root# rvictl -s
Starting device XXX [SUCCEEDED] with interface rvi0

After that, when you run Wireshark, you can filter on the rvi0 interface:

localuserpc:~ root# wireshark
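
The same procedure as a script, as an added example that is not part of the original post: it starts the remote virtual interface, reads the interface name from rvictl's message, captures from it, and stops the interface again with rvictl -x. The function names are hypothetical, tshark (Wireshark's command-line capture tool) is assumed to be installed, and the UDID is whatever you pass in.

```shell
#!/usr/bin/env bash
# Added example (not from the original post): capture iPhone traffic over USB
# through rvictl, then tear the virtual interface down afterwards.

# Read rvictl's start message on stdin and print the interface name, e.g.
# "Starting device <udid> [SUCCEEDED] with interface rvi0" -> rvi0
# Prints nothing if rvictl did not report success.
rvi_iface_from_output() {
    sed -n 's/.*\[SUCCEEDED\] with interface \(rvi[0-9][0-9]*\).*/\1/p' | head -n 1
}

# capture_iphone <udid> <outfile.pcap> [seconds]   (hypothetical helper)
capture_iphone() {
    local udid="$1" out="$2" secs="${3:-60}" iface rc
    [ -n "$udid" ] && [ -n "$out" ] || {
        echo "usage: capture_iphone <udid> <outfile.pcap> [seconds]" >&2
        return 2
    }
    command -v rvictl >/dev/null || { echo "rvictl not found" >&2; return 1; }

    # -s starts the remote virtual interface for this device
    iface="$(rvictl -s "$udid" | rvi_iface_from_output)"
    if [ -z "$iface" ]; then
        echo "rvictl did not report an interface for $udid" >&2
        return 1
    fi

    # Capture for a fixed duration so the run always reaches the cleanup step
    rc=0
    tshark -i "$iface" -a "duration:$secs" -w "$out" || rc=$?

    # -x stops the interface so the device is not left relaying packets
    rvictl -x "$udid" >/dev/null
    return "$rc"
}
```

Source the file and call capture_iphone with the UDID from iTunes; the resulting file opens in Wireshark like any other capture.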


Wednesday, April 15, 2015

Set file format of the output capture file (.pcap)

editcap - Edit and/or translate the format of capture files
Editcap is a program that reads some or all of the captured packets from the infile, optionally converts them in various ways and writes the resulting packets to the capture outfile (or outfiles).


Example:

# editcap -F libpcap radius_00002_20150324120131.pcap  rad2.pcap