Questions tagged [tcpdump]

Tcpdump prints out a description of the contents of packets on a network interface that match the boolean expression; the description is preceded by a time stamp, printed, by default, as hours, minutes, seconds, and fractions of a second since midnight.

3 votes
2 answers
556 views

Decrypting network traffic and finding HTTPS private key

I've been battling with one school task for a couple of days and can't seem to find any idea how to solve it. The task is pretty simple: Log in to the server using SSH. The answer to the task is in ...
Paul
  • 95
1 vote
0 answers
5k views

How to decrypt TLS 1.3 TCP packets in Wireshark

I generated the public and private key with openssl req -x509 -nodes -days 365 -newkey rsa:4096 -keyout server_key.pem -out cert.pem and I am using C sockets for the server and client with openssl, ...
anon
  • 11
0 votes
0 answers
662 views

Kioptrix 2: Why netcat reverse shell executed in web browser via command injection bug doesn't work?

I've completed the Kioptrix level 2 challenge via SQL injection, command injection, bash reverse shell, and local privilege escalation as part of my OSCP preparation. https://www.vulnhub.com/entry/...
Wolf
  • 367
3 votes
2 answers
13k views

tcpdump packets have bad and incorrect checksums on localhost, how to investigate further?

Am investigating a macOS Catalina machine that is believed to be infected with malware. Have been viewing packets with tcpdump and noticed, on connecting to any web address, there are legit packet ...
lancealittlebit
1 vote
0 answers
14 views

Capture packets of other devices in network [duplicate]

I'm challenged to capture packets sent from a client to the gateway in a network. Is it even possible for me to see the packets between client and gateway?
Simon Huenecke
1 vote
1 answer
873 views

Public availability of a good dataset in PCAP (tcpdump) format for IDS/IPS testing [closed]

I am trying to pass good reputable malicious traffic from an IPS. There are several sources on the internet to explore datasets, like the oldest, I think, the DARPA set (not available in pcap format and not that ...
aneela
  • 201
12 votes
4 answers
8k views

Eavesdropping vs. sniffing

I'm taking a Coursera course, and they take pains when talking about network security to distinguish between eavesdropping and sniffing. According to their definitions, sniffing involves reading or ...
fox
  • 243
13 votes
1 answer
9k views

Wireshark tcp filter: tcp[((tcp[12:1] & 0xf0) >> 2):4]

While reading this doc https://wiki.wireshark.org/CaptureFilters I found this line: tcp[((tcp[12:1] & 0xf0) >> 2):4] which figures out the TCP Header Length, but I can't find out how it ...
Neymour
  • 133