How to interpret Wireshark capture

5/30/2023

In this publication, the Wireshark capture result file. Accuracy in interpreting data plays a significant role in the analysis of a measurement result.

Open Wireshark and click on the first NIC to the left. This will open the capture interfaces dialog, where you can select the NIC connected to the back of the IP phone we will capture.

Indeed, a file with the name recipe.docx has been sent (Third question), and its header is 50 4B 03 04 14 00 06 00, where the first 4 bytes are 50 4B 03 04 (Fourth question).

For the last two questions, it is necessary to extract all the data from the sent file (to do the MD5 and to see the secret recipe!).

For this, we will have to locate the first packet and the last one of the data. The first packet is the one where the header is 50 4B 03 …; this is packet 119. If we go to the end of the data, it tells us that it is packet 131.

Next, we right-click -> Mark / Unmark packet on both packets and finally go to File -> Export Specified Packets, where we indicate “First to last marked” to export all the data packets.

Once all the data has been exported, we open it again with Wireshark and do Follow Stream on any packet. When it shows us the data, we select “Show and save data as” RAW (it must be saved as RAW, otherwise the file will be corrupted). Finally we save it as recipe.docx (the extension is important) and that's it, the hardest part is done.

If we are in Linux we will use the “md5sum” command to generate the MD5 of the file. If we are in Windows it will be necessary to download a Windows add-on (FCIV) and we will use the command “fciv -md5”. (Fifth question)

And most importantly … we have the secret recipe! (Sixth question)

I hope I have explained myself clearly and I hope you liked it.

PS: Forgive so many images, but I wanted to be clear.
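The extraction and hashing steps can be cross-checked in code. The Python below is an added example, not part of the original post: it finds the 50 4B 03 04 header in bytes saved from Follow Stream as RAW, cuts the file at the ZIP end-of-central-directory record (a .docx is a ZIP container), CRC-checks the contents and computes the same digest that md5sum prints. The sample stream, including the HDR/END bytes wrapped around the file, is constructed for illustration.

```python
import hashlib
import io
import struct
import zipfile

LOCAL_HEADER = bytes.fromhex("504b0304")  # 50 4B 03 04, the first 4 bytes named in the post
EOCD = bytes.fromhex("504b0506")          # ZIP end-of-central-directory signature


def carve_zip(raw: bytes) -> bytes:
    """Return the ZIP container embedded in raw stream bytes."""
    start = raw.find(LOCAL_HEADER)
    if start < 0:
        raise ValueError("no 50 4B 03 04 header: was the stream saved as RAW?")
    eocd = raw.rfind(EOCD)
    if eocd < start or len(raw) < eocd + 22:
        raise ValueError("end-of-central-directory missing: export is truncated")
    # The EOCD record is 22 bytes plus a comment whose length sits at offset 20.
    (comment_len,) = struct.unpack_from("<H", raw, eocd + 20)
    end = eocd + 22 + comment_len
    if end > len(raw):
        raise ValueError("archive comment runs past the end of the data")
    return raw[start:end]


def check_docx(blob: bytes) -> dict:
    """Validate the carved file and return its MD5 and integrity flags."""
    with zipfile.ZipFile(io.BytesIO(blob)) as zf:
        bad = zf.testzip()  # CRC-checks every member; None means all are intact
        names = zf.namelist()
    return {
        "md5": hashlib.md5(blob).hexdigest(),  # same value md5sum reports for the file
        "intact": bad is None,
        "looks_like_docx": "[Content_Types].xml" in names and "word/document.xml" in names,
    }


def build_sample_stream():
    """Constructed sample: a tiny docx-shaped ZIP wrapped in made-up framing bytes."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("word/document.xml", "<w:document>constructed sample</w:document>")
    docx = buf.getvalue()
    return b"HDR(constructed)\r\n" + docx + b"\r\nEND(constructed)", docx


if __name__ == "__main__":
    stream, original = build_sample_stream()
    print(check_docx(carve_zip(stream)))
```

If `carve_zip` raises on a real export, the marked packet range did not cover the whole transfer, so the first and last data packets should be re-checked before hashing.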